Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 619, Acronis Backup extension for Plesk (Linux) before build 555, Acronis Backup plugin for DirectAdmin (Linux) before build 147.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Acronis |
|
No data.
No data.
References
| Link | Providers |
|---|---|
| https://security-advisory.acronis.com/advisories/SEC-4976 |
|
History
Tue, 17 Sep 2024 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Acronis
Acronis backup Extension For Plesk Acronis backup Plugin For Cpanel \& Whm Acronis backup Plugin For Directadmin |
|
| CPEs | cpe:2.3:a:acronis:backup_extension_for_plesk:*:*:*:*:*:*:*:* cpe:2.3:a:acronis:backup_plugin_for_cpanel_\&_whm:*:*:*:*:*:*:*:* cpe:2.3:a:acronis:backup_plugin_for_directadmin:*:*:*:*:*:*:*:* |
|
| Vendors & Products |
Acronis
Acronis backup Extension For Plesk Acronis backup Plugin For Cpanel \& Whm Acronis backup Plugin For Directadmin |
|
| Metrics |
ssvc
|
Tue, 17 Sep 2024 09:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 619, Acronis Backup extension for Plesk (Linux) before build 555, Acronis Backup plugin for DirectAdmin (Linux) before build 147. | |
| Weaknesses | CWE-250 | |
| References |
| |
| Metrics |
cvssV3_0
|
MITRE
Status: PUBLISHED
Assigner: Acronis
Published: 2024-09-17T08:51:28.954Z
Updated: 2024-09-17T13:43:37.687Z
Reserved: 2024-09-12T20:55:33.303Z
Link: CVE-2024-8767
Vulnrichment
Updated: 2024-09-17T13:43:14.496Z
NVD
Status : Awaiting Analysis
Published: 2024-09-17T09:15:03.423
Modified: 2024-09-20T12:31:20.110
Link: CVE-2024-8767
Redhat
No data.