CVE-2022-30695
EUVD-2022-5252516.05.2022, 18:15
Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Snap Deploy (Windows) before build 3640Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| acronis | snap_deploy | 𝑥 < 6 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-250 - Execution with Unnecessary PrivilegesThe software performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
- CWE-269 - Improper Privilege ManagementThe software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.