37 matches found
CVE-2024-34014
CVE-2024-34014 affects Acronis Backup plugin for cPanel & WHM (Linux) prior to builds 1.8.3.818 and 1.9.1.892, Acronis Backup extension for Plesk prior to 1.8.6.599, and Acronis Backup plugin for DirectAdmin prior to 1.2.2.181. The vulnerability is an arbitrary file overwrite during recovery caus...
CVE-2024-34014
Arbitrary file overwrite during recovery due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM Linux before build 1.8.3.818, Acronis Backup plugin for cPanel & WHM Linux before build 1.9.1.892, Acronis Backup extension for Plesk Linux...
CVE-2024-34014
Arbitrary file overwrite during recovery due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM Linux before build 1.8.3.818, Acronis Backup plugin for cPanel & WHM Linux before build 1.9.1.892, Acronis Backup extension for Plesk Linux...
Acronis Backup plugin for cPanel & WHM (Linux) 安全漏洞
Acronis Backup plugin for cPanel & WHM Linux is a plugin from Acronis Switzerland. A security vulnerability exists in Acronis Backup plugin for cPanel & WHM Linux versions prior to 818, which stems from improper handling of symbolic links, resulting in the disclosure of sensitive information duri...
The vulnerability of the backup and data restoration plugins on Acronis Backup software for computers and servers targets programming environments such as cPanel & WHM, Plesk, and DirectAdmin, running on Linux operating systems. This vulnerability allows attackers to gain increased privileges.
The vulnerability of the backup and data restoration plugins on Acronis Backup software for computers and servers, as well as for cPanel & WHM, Plesk, and DirectAdmin operating systems on Linux, is related to errors in privilege management. Exploiting this vulnerability can allow attackers to...
CVE-2024-8767
Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Backup plugin for cPanel & WHM Linux before build 619, Acronis Backup extension for Plesk Linux before build 555, Acronis Backup plugin for DirectAdmin Linux before...
CVE-2024-8767
Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Backup plugin for cPanel & WHM Linux before build 619, Acronis Backup extension for Plesk Linux before build 555, Acronis Backup plugin for DirectAdmin Linux before...
CVE-2024-8767
Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Backup plugin for cPanel & WHM Linux before build 619, Acronis Backup extension for Plesk Linux before build 555, Acronis Backup plugin for DirectAdmin Linux before...
CVE-2024-8767
CVE-2024-8767 affects Acronis Backup plugins/extensions for Linux: cPanel & WHM plugin (pre-619), Plesk extension (pre-555), and DirectAdmin plugin (pre-147). Root cause is unnecessary privilege assignment that enables sensitive data disclosure and data manipulation with network access and low pr...
PT-2024-9769 · Directadmin +3 · Directadmin +5
Name of the Vulnerable Software and Affected Versions: Acronis Backup plugin for cPanel & WHM Linux versions before build 818 Acronis Backup extension for Plesk Linux versions before build 599 Acronis Backup plugin for DirectAdmin Linux versions before build 181 Description: The issue is related ...
CVE-2022-30995
Sensitive information disclosure due to improper authentication. The following products are affected: Acronis Cyber Protect 15 Windows, Linux before build 29486, Acronis Cyber Backup 12.5 Windows, Linux before build 16545...
Acronis Cyber Backup 12.5 Build 16341 Server-Side Request Forgery
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Acronis Cyber Backup Vendor URL: https://www.acronis.com Type: Server-Side Request Forgery CWE-918 Date found: 2020-07-30 Date published: 2020-09-14 CVSSv3 Score: 8.3...
Product update: Virtuozzo Infrastructure Platform 3.0 Update 1.1 (3.0.1-59)
This update provides stability fixes. Vulnerability id: VSTOR-25491 ABGW Acronis Backup Gateway could reject Acronis Backup Advanced certificates. Vulnerability id: VSTOR-25625 S3 NS services could fail to start...
Product update: Virtuozzo Infrastructure Platform 2.5 Update 1 (2.5.0-1599)
This update provides stability and usability fixes. Vulnerability id: VSTOR-19695, VSTOR-19857 Improved automatic firewall rules configuration. Vulnerability id: VSTOR-19909 Unable to register Backup Gateway in Acronis Backup Advanced with an IP address...
Kernel update: New kernel 2.6.32-042stab134.7; Virtuozzo 6.0 Update 12 Hotfix 34 (6.0.12-3728)
This update provides a new kernel 2.6.32-042stab134.7 for Virtuozzo 6.0. The new kernel introduces stability fixes. Vulnerability id: PSBM-89413 Host with multiple ploop devices running on a debug kernel could crash in sysfsaddrmstart on container stop. Vulnerability id: PSBM-89517 In some...
Acronis Backup - Customized SSL, Dangerous filesystem permissions vulnerabilities
HackApp vulnerability scanner discovered that application Acronis Backup published at the 'play' market has multiple vulnerabilities...
Information disclosure
Acronis True Image Echo Server 9.x build 8072 on Linux does not properly encrypt backups to an FTP server, which allows remote attackers to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...