Cyber Backup Security Vulnerabilities and Issues — Cyber Backup CVE List

Lucene search

AcronisCyber Backup

4 matches found

CVE•added 2020/10/21 2:15 p.m.•69 views

CVE-2020-10138

Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent. Acronis Cyber Backup and Cyber Protect contain a privileged service that uses this OpenSSL component. Because unprivileged Windows users can c...

7.8CVSS7.7AI score0.00045EPSS

CVE•added 2020/09/21 2:15 p.m.•57 views

CVE-2020-16171

An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342. Some API endpoints on port 9877 under /api/ams/ accept an additional custom Shard header. The value of this header is afterwards used in a separate web request issued by the application itself. This can be abused to conduct SS...

6.5CVSS6.3AI score0.09954EPSS

CVE•added 2023/05/03 11:15 a.m.•57 views

CVE-2022-3405

Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545.

9.3CVSS8.2AI score0.29609EPSS

CVE•added 2023/05/03 11:15 a.m.•41 views

CVE-2022-30995

Sensitive information disclosure due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545.

9.3CVSS7.2AI score0.46428EPSS