Description
Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
CVSS breakdown
CVSS 3.0
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
Affected products
- Acronis / Acronis Cyber Protect 16unspecified – 38690
References
- VENDOR_ADVISORYhttps://security-advisory.acronis.com/advisories/SEC-7284