SSL Certificate Validation Flaw in Acronis True Image and Cyber Protect
CVE-2021-32581
8.1HIGH
Key Information:
- Vendor
- Acronis
- Vendor
- CVE Published:
- 5 August 2021
Summary
Certain versions of Acronis True Image and Acronis Cyber Protect did not properly implement SSL certificate validation, potentially allowing attackers to intercept sensitive data during transmission. This oversight could lead to information disclosure and compromise user security. Users are encouraged to update to the latest versions to mitigate the associated risks.
References
CVSS V3.1
Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved