Sensitive Information Disclosure in Acronis Backup Plugin for cPanel & WHM
CVE-2024-34015
3.3LOW
Key Information:
- Vendor
- Acronis
- Vendor
- CVE Published:
- 11 November 2024
Summary
The Acronis Backup plugin for cPanel & WHM has a vulnerability that allows for sensitive information disclosure during file browsing. This occurs due to improper handling of symbolic links, which can expose critical user and system data, creating significant data security risks. Affected users are urged to update to build 818 or later to mitigate this exposure.
Affected Version(s)
Acronis Backup plugin for cPanel & WHM Linux < 1.8.3.818
Acronis Backup plugin for cPanel & WHM Linux < 1.9.1.892
References
CVSS V3.0
Score:
3.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published