Backup Agent Vulnerability Allows Access to Network Share Credentials
CVE-2024-39206

Currently unrated

Key Information:

Vendor: MSP360
Vendor: CVE Published:; 2 July 2024

What is CVE-2024-39206?

An issue discovered in MSP360 Backup Agent v7.8.5.15 and v7.9.4.84 allows attackers to obtain network share credentials used in a backup due to enginesettings.list being encrypted with a hard coded key.

References

https://www.proactivelabs.com.au/2024/06/19/cloudberry.html

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 2, 2024

JSON