26 matches found
CVE-2020-10138
Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkinsagent\. Acronis Cyber Backup and Cyber Protect contain a privileged service that uses this OpenSSL component. Because unprivileged Windows users can...
EUVD-2020-2601
Malware in sbrugna...
CVE-2020-16171
An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342. Some API endpoints on port 9877 under /api/ams/ accept an additional custom Shard header. The value of this header is afterwards used in a separate web request issued by the application itself. This can be abused to conduct...
CVE-2022-3405
Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 Windows, Linux before build 29486, Acronis Cyber Backup 12.5 Windows, Linux before build 16545...
CVE-2022-30995
Sensitive information disclosure due to improper authentication. The following products are affected: Acronis Cyber Protect 15 Windows, Linux before build 29486, Acronis Cyber Backup 12.5 Windows, Linux before build 16545...
CVE-2022-30995
Sensitive information disclosure due to improper authentication. The following products are affected: Acronis Cyber Protect 15 Windows, Linux before build 29486, Acronis Cyber Backup 12.5 Windows, Linux before build 16545...
Information disclosure
Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 Windows, Linux before build 29486, Acronis Cyber Backup 12.5 Windows, Linux before build 16545...
CVE-2022-30995
Sensitive information disclosure due to improper authentication. The following products are affected: Acronis Cyber Protect 15 Windows, Linux before build 29486, Acronis Cyber Backup 12.5 Windows, Linux before build 16545...
CVE-2022-30995
CVE-2022-30995 affects Acronis Cyber Protect 15 (Windows, Linux) before build 29486 and Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545. The root cause is an improper authentication flow that leads to sensitive information disclosure. Public sources (NVD, Red Hat, CIRCL/CVE data) de...
CVE-2022-30995
Sensitive information disclosure due to improper authentication. The following products are affected: Acronis Cyber Protect 15 Windows, Linux before build 29486, Acronis Cyber Backup 12.5 Windows, Linux before build 16545...
CVE-2022-3405
CVE-2022-3405 affects Acronis Cyber Protect 15 (Windows, Linux) before build 29486 and Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545, caused by excessive privileges granted to the Acronis Agent which enables code execution and sensitive information disclosure. Public disclosures i...
CVE-2022-3405
Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 Windows, Linux before build 29486, Acronis Cyber Backup 12.5 Windows, Linux before build 16545...
CVE-2022-3405
Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 Windows, Linux before build 29486, Acronis Cyber Backup 12.5 Windows, Linux before build 16545...
Acronis Cyber Backup和Acronis Cyber Protect 安全漏洞
Acronis Cyber Backup and Acronis Cyber Protect are both products of Singapore Acronis Acronis.Acronis Cyber Backup is a data backup product. You can backup virtual machines and hosts, support for windows, linux backup, using AcronisInstantRestore to provide extremely fast recovery performance, an...
Acronis Cyber Backup和Acronis Cyber Protect 授权问题漏洞
Acronis Cyber Backup and Acronis Cyber Protect are both products of Singapore Acronis Acronis.Acronis Cyber Backup is a data backup product. You can backup virtual machines and hosts, support for windows, linux backup, using AcronisInstantRestore to provide extremely fast recovery performance, an...
PT-2022-20443 · Acronis · Acronis Cyber Backup 12.5 +2
Name of the Vulnerable Software and Affected Versions: Acronis Cyber Protect 15 versions before build 29486 Acronis Cyber Backup 12.5 versions before build 16545 Description: The issue is related to sensitive information disclosure due to improper authentication. Recommendations: For Acronis Cybe...
Design/Logic Flaw
Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkinsagent. Acronis Cyber Backup and Cyber Protect contain a privileged service that uses this OpenSSL component. Because unprivileged Windows users can...
CVE-2020-16171
An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342. Some API endpoints on port 9877 under /api/ams/ accept an additional custom Shard header. The value of this header is afterwards used in a separate web request issued by the application itself. This can be abused to conduct...
CVE-2020-16171
An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342. Some API endpoints on port 9877 under /api/ams/ accept an additional custom Shard header. The value of this header is afterwards used in a separate web request issued by the application itself. This can be abused to conduct...
Server side request forgery (ssrf)
An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342. Some API endpoints on port 9877 under /api/ams/ accept an additional custom Shard header. The value of this header is afterwards used in a separate web request issued by the application itself. This can be abused to conduct...