2 matches found
CVE-2020-10138
Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkinsagent\. Acronis Cyber Backup and Cyber Protect contain a privileged service that uses this OpenSSL component. Because unprivileged Windows users can...
CVE-2020-10138
CVE-2020-10138 affects Acronis Cyber Backup 12.5 and Cyber Protect 15, where an OpenSSL component uses an OPENSSLDIR in C:\jenkins_agent\ and a privileged service exposes a local path traversal/vector. Unprivileged Windows users can create directories off the system root to point an openssl.cnf a...