2 matches found
CVE-2020-10139
Acronis True Image 2021 includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkinsagent\. Acronis True Image contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system...
CVE-2020-10139
CVE-2020-10139 affects Acronis True Image 2021. An OpenSSL component sets an OPENSSLDIR under C:\jenkins_agent, and a privileged service uses this component. Unprivileged Windows users can create subdirectories off the system root to point an openssl.cnf to a crafted file, enabling arbitrary code...