10
CVE-2025-30412
- EPSS 0.55%
- Veröffentlicht 20.02.2026 00:30:33
- Zuletzt bearbeitet 12.03.2026 18:10:57
- Quelle security@acronis.com
- CVE-Watchlists
- Unerledigt
LoginSensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Acronis ≫ Cyber Protect Version15 Update-
Acronis ≫ Cyber Protect Version15 Updateupdate1
Acronis ≫ Cyber Protect Version15 Updateupdate2
Acronis ≫ Cyber Protect Version15 Updateupdate3
Acronis ≫ Cyber Protect Version15 Updateupdate4
Acronis ≫ Cyber Protect Version15 Updateupdate5
Acronis ≫ Cyber Protect Version15 Updateupdate6
Acronis ≫ Cyber Protect Version16 Update-
Acronis ≫ Cyber Protect Version16 Updateupdate1
Acronis ≫ Cyber Protect Version16 Updateupdate2
Acronis ≫ Cyber Protect Version16 Updateupdate3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.55% | 0.417 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security@acronis.com | 10 | 3.9 | 6 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
CWE-1390 Weak Authentication
The product uses an authentication mechanism to restrict access to specific users or identities, but the mechanism does not sufficiently prove that the claimed identity is correct.
https://security-advisory.acronis.com/advisories/SEC-8598