CVE-2022-45450
18.05.2023, 10:15
Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 28610, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 30984.Enginsight
| Vendor | Product | Version |
|---|---|---|
| acronis | cyber_protect | 𝑥 < 15 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-285 - Improper AuthorizationThe software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
- CWE-552 - Files or Directories Accessible to External PartiesThe product makes files or directories accessible to unauthorized actors, even though they should not be.