CVE-2022-45450 MEDIUM

CVE-2022-45450

Vendor Acronis
Product Acronis Agent
Weakness CWE-285
Published May 18, 2023
Last update January 22, 2025

CVSS base score

5.4/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

What the vulnerability does

01Description

Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 28610, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 30984.

Key dates

02Disclosure timeline

May 18, 2023 CVE published
January 22, 2025 Record updated