PT-2022-27523 · Microsoft+2 · Windows+4
Published
2022-11-17
·
Updated
2023-05-26
·
CVE-2022-45458
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Acronis Agent versions before build 29633
Acronis Cyber Protect 15 versions before build 30984
Description
The issue is related to sensitive information disclosure and manipulation due to improper certification validation. This affects Acronis products on various operating systems, including Windows, macOS, and Linux.
Recommendations
For Acronis Agent versions before build 29633, update to build 29633 or later.
For Acronis Cyber Protect 15 versions before build 30984, update to build 30984 or later.
As a temporary workaround, consider restricting access to sensitive information until a patch is applied.
Fix
Improper Certificate Validation
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Acronis
Acronis Agent
Acronis Cyber Protect 15
Windows
Apple Macos