Описание
Acronis True Image prior to 2021 Update 4 for Windows and Acronis True Image prior to 2021 Update 5 for macOS allowed an unauthenticated attacker (who has a local code execution ability) to tamper with the micro-service API.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:acronis:true_image:2021:-:*:*:*:macos:*:*
cpe:2.3:a:acronis:true_image:2021:-:*:*:*:windows:*:*
cpe:2.3:a:acronis:true_image:2021:update_1:*:*:*:macos:*:*
cpe:2.3:a:acronis:true_image:2021:update_1:*:*:*:windows:*:*
cpe:2.3:a:acronis:true_image:2021:update_2:*:*:*:macos:*:*
cpe:2.3:a:acronis:true_image:2021:update_2:*:*:*:windows:*:*
cpe:2.3:a:acronis:true_image:2021:update_3:*:*:*:macos:*:*
cpe:2.3:a:acronis:true_image:2021:update_3:*:*:*:windows:*:*
cpe:2.3:a:acronis:true_image:2021:update_4:*:*:*:macos:*:*
EPSS
Процентиль: 12%
0.00041
Низкий
7.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
больше 3 лет назад
Acronis True Image prior to 2021 Update 4 for Windows and Acronis True Image prior to 2021 Update 5 for macOS allowed an unauthenticated attacker (who has a local code execution ability) to tamper with the micro-service API.
EPSS
Процентиль: 12%
0.00041
Низкий
7.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-287