Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545.
References
Link | Resource |
---|---|
https://herolab.usd.de/security-advisories/usd-2022-0008/ | Exploit Third Party Advisory |
https://security-advisory.acronis.com/advisories/SEC-4092 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Acronis
Published: 2023-05-03T10:49:47.642Z
Updated: 2023-05-03T10:50:39.541Z
Reserved: 2022-10-03T16:34:25.515Z
Link: CVE-2022-3405
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-05-03T11:15:11.650
Modified: 2023-05-09T17:02:27.727
Link: CVE-2022-3405
JSON object: View
Redhat Information
No data.