Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Cyber_protect | Acronis | * | 15 (excluding) |
Cyber_protect | Acronis | 15 (including) | 15 (including) |
Cyber_protect | Acronis | 15-update1 (including) | 15-update1 (including) |
Cyber_protect | Acronis | 15-update2 (including) | 15-update2 (including) |
Cyber_protect | Acronis | 15-update3 (including) | 15-update3 (including) |
Cyber_protect | Acronis | 15-update4 (including) | 15-update4 (including) |
Cyber_protect | Acronis | 15-update5 (including) | 15-update5 (including) |