Sensitive Information Leak in Acronis Cyber Protect Home Office
CVE-2022-44745

4MEDIUM

Key Information:

Vendor: Acronis
Status: Acronis Cyber Protect Home Office
Vendor: CVE Published:; 7 November 2022

Summary

A vulnerability in Acronis Cyber Protect Home Office allows sensitive information to be unintentionally exposed through log files. This issue can lead to potential data breaches, as unauthorized individuals may access confidential data contained in these logs. Users should ensure they are using the latest version (build 40107 or later) to mitigate this risk. For detailed information, refer to the vendor advisory at SEC-3481.

Affected Version(s)

Acronis Cyber Protect Home Office Windows 0 < 40107

References

https://security-advisory.acronis.com/advisories/SEC-3481

vendor-advisory

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 7, 2022
Vulnerability Reserved
Nov 4, 2022