Vulnerabilities > CVE-2022-3405 - Unspecified vulnerability in Acronis Cyber Backup and Cyber Protect

047910
CVSS 8.8 - HIGH
Attack vector
ADJACENT_NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
low complexity
acronis

Summary

Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545.

Vulnerable Configurations

Part Description Count
Application
Acronis
19
OS
Linux
1
OS
Microsoft
1