Sensitive information disclosure due to insufficient token field masking. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Cyber_protect | Acronis | * | 15 (excluding) |
| Cyber_protect | Acronis | 15 (including) | 15 (including) |
| Cyber_protect | Acronis | 15-update1 (including) | 15-update1 (including) |
| Cyber_protect | Acronis | 15-update2 (including) | 15-update2 (including) |
| Cyber_protect | Acronis | 15-update3 (including) | 15-update3 (including) |
| Cyber_protect | Acronis | 15-update4 (including) | 15-update4 (including) |
| Cyber_protect | Acronis | 15-update5 (including) | 15-update5 (including) |