Description
Cleartext transmission of sensitive information in acep-collector service. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
CVSS breakdown
CVSS 3.0
Attack Vector
Adjacent
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
Low
Availability
None
Affected products
- Acronis / Acronis Cyber Protect 16unspecified – 38690
References
- VENDOR_ADVISORYhttps://security-advisory.acronis.com/advisories/SEC-7022