Sensitive Information Leak in Acronis Cyber Protect Home Office
CVE-2022-44745

4MEDIUM

Key Information:

Vendor
Acronis
Vendor
CVE Published:
7 November 2022

Summary

A vulnerability in Acronis Cyber Protect Home Office allows sensitive information to be unintentionally exposed through log files. This issue can lead to potential data breaches, as unauthorized individuals may access confidential data contained in these logs. Users should ensure they are using the latest version (build 40107 or later) to mitigate this risk. For detailed information, refer to the vendor advisory at SEC-3481.

Affected Version(s)

Acronis Cyber Protect Home Office Windows 0 < 40107

References

CVSS V3.1

Score:
4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.