CVE-2021-32581

Acronis True Image prior to 2021 Update 4 for Windows, Acronis True Image prior to 2021 Update 5 for Mac, Acronis Agent prior to build 26653, Acronis Cyber Protect prior to build 27009 did not implement SSL certificate validation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.1 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 36%
VendorProductVersion
acroniscyber_protect_cloud
𝑥
< 15.0.27009
acroniscyber_protection_agent
𝑥
< 15.0.26653
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://kb.acronis.com/content/68413
https://kb.acronis.com/content/68419
https://kb.acronis.com/content/68648
https://kb.acronis.com/content/68413
https://kb.acronis.com/content/68419
https://kb.acronis.com/content/68648