CVE-2024-8767

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-8767
Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 619, Acronis Backup extension for Plesk (Linux) before build 555, Acronis Backup plugin for DirectAdmin (Linux) before build 147.

9.9 /10

CVSS v3 : CRITICAL

V3 Legend

Vector : AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Exploitability : 3.1 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References
Link Resource
https://security-advisory.acronis.com/advisories/SEC-4976
Configurations

No configuration.

History

20 Sep 2024, 12:31

Type Values Removed Values Added
Summary
  • (es) Divulgación y manipulación de datos confidenciales debido a la asignación innecesaria de privilegios. Los siguientes productos se ven afectados: complemento de Acronis Backup para cPanel y WHM (Linux) anterior a la compilación 619, extensión de Acronis Backup para Plesk (Linux) anterior a la compilación 555, complemento de Acronis Backup para DirectAdmin (Linux) anterior a la compilación 147.

17 Sep 2024, 09:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-09-17 09:15

Updated : 2024-09-20 12:31

NVD link : CVE-2024-8767

Mitre link : CVE-2024-8767

CVE.ORG link : CVE-2024-8767

JSON object : View

Products Affected

No product.

CWE
CWE-250

Execution with Unnecessary Privileges


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024