CVE-2022-45454

Description

Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Agent (Windows) before build 30161, Acronis Cyber Protect 15 (Windows) before build 30984.

CVSS breakdown

CVSS 3.0

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Affected products

Acronis / Acronis Agent0 – 30161
Acronis / Acronis Cyber Protect 150 – 30984

References

VENDOR_ADVISORYhttps://security-advisory.acronis.com/advisories/SEC-4379