PT-2021-19795 · Acronis · Acronis Cyber Protect+3
Published
2021-05-12
·
Updated
2021-08-12
·
CVE-2021-32581
CVSS v3.1
8.1
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Acronis True Image versions prior to 2021 Update 4 for Windows
Acronis True Image versions prior to 2021 Update 5 for Mac
Acronis Agent versions prior to build 26653
Acronis Cyber Protect versions prior to build 27009
Description
The issue is related to the lack of SSL certificate validation in the affected software. This means that the software did not properly verify the identity of the server it was connecting to, which could lead to security issues.
Recommendations
For Acronis True Image versions prior to 2021 Update 4 for Windows, update to 2021 Update 4 or later.
For Acronis True Image versions prior to 2021 Update 5 for Mac, update to 2021 Update 5 or later.
For Acronis Agent versions prior to build 26653, update to build 26653 or later.
For Acronis Cyber Protect versions prior to build 27009, update to build 27009 or later.
Fix
Improper Certificate Validation
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Acronis
Acronis Agent
Acronis Cyber Protect
Acronis True Image