7.8
CVE-2021-44204
- EPSS 0.04%
- Published 04.02.2022 23:15:12
- Last modified 21.11.2024 06:30:34
- Source security@acronis.com
- Teams watchlist Login
- Open Login
Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
Data is provided by the National Vulnerability Database (NVD)
Acronis ≫ True Image Version2021 SwPlatform-
Acronis ≫ True Image Version2021 Updateupdate_1 SwPlatformwindows
Acronis ≫ True Image Version2021 Updateupdate_2 SwPlatformwindows
Acronis ≫ True Image Version2021 Updateupdate_3 SwPlatformwindows
Acronis ≫ True Image Version2021 Updateupdate_4 SwPlatformwindows
Acronis ≫ True Image Version2021 Updateupdate_5 SwPlatformwindows
Acronis ≫ Cyber Protect Version15 Update-
Acronis ≫ Cyber Protect Version15 Updateupdate1
Acronis ≫ Cyber Protect Version15 Updateupdate2
Acronis ≫ Cyber Protect Home Office Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.101 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 4.6 | 3.9 | 6.4 |
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
CWE-285 Improper Authorization
The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.