Sensitive information disclosure due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Cyber_backup | Acronis | 12.5 (including) | 12.5 (including) |
| Cyber_backup | Acronis | 12.5-10130 (including) | 12.5-10130 (including) |
| Cyber_backup | Acronis | 12.5-10330 (including) | 12.5-10330 (including) |
| Cyber_backup | Acronis | 12.5-11010 (including) | 12.5-11010 (including) |
| Cyber_backup | Acronis | 12.5-13160 (including) | 12.5-13160 (including) |
| Cyber_backup | Acronis | 12.5-13400 (including) | 12.5-13400 (including) |
| Cyber_backup | Acronis | 12.5-14280 (including) | 12.5-14280 (including) |
| Cyber_backup | Acronis | 12.5-14330 (including) | 12.5-14330 (including) |
| Cyber_backup | Acronis | 12.5-16180 (including) | 12.5-16180 (including) |
| Cyber_backup | Acronis | 12.5-16318 (including) | 12.5-16318 (including) |
| Cyber_backup | Acronis | 12.5-16327 (including) | 12.5-16327 (including) |
| Cyber_backup | Acronis | 12.5-7641 (including) | 12.5-7641 (including) |
| Cyber_backup | Acronis | 12.5-7970 (including) | 12.5-7970 (including) |
| Cyber_backup | Acronis | 12.5-8850 (including) | 12.5-8850 (including) |
| Cyber_backup | Acronis | 12.5-9010 (including) | 12.5-9010 (including) |
| Cyber_protect | Acronis | 15 (including) | 15 (including) |
| Cyber_protect | Acronis | 15-update1 (including) | 15-update1 (including) |
| Cyber_protect | Acronis | 15-update2 (including) | 15-update2 (including) |
| Cyber_protect | Acronis | 15-update3 (including) | 15-update3 (including) |