What the vulnerability does
01Description
Sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 30984.
CVSS base score
7.7/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Key dates
02Disclosure timeline
July 16, 2024
CVE published
August 3, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-24012 Data Distribution Service (DDS) Chain of Trust (CoT) violation vulnerability in Open DDS
CVE-2022-39385 Users erroneously and transparently added to private messages in Discourse
CVE-2022-0708 Team Creator's Email Address is disclosed to Team Members via one of the APIs
CVE-2019-15594
CVE-2025-49150 Cursor Agent Potentially Leaks Information using JSON schema
