// For flags

CVE-2024-8767

 

Severity Score

9.9
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track*
*SSVC
Descriptions

Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 619, Acronis Backup extension for Plesk (Linux) before build 555, Acronis Backup plugin for DirectAdmin (Linux) before build 147.

Divulgación y manipulación de datos confidenciales debido a la asignación innecesaria de privilegios. Los siguientes productos se ven afectados: complemento de Acronis Backup para cPanel y WHM (Linux) anterior a la compilación 619, extensión de Acronis Backup para Plesk (Linux) anterior a la compilación 555, complemento de Acronis Backup para DirectAdmin (Linux) anterior a la compilación 147.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:Track*
Exploitation
None
Automatable
No
Tech. Impact
Total
* Organization's Worst-case Scenario
Timeline
  • 2024-09-12 CVE Reserved
  • 2024-09-17 CVE Published
  • 2024-09-17 CVE Updated
  • 2024-09-18 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-250: Execution with Unnecessary Privileges
CAPEC
References (1)
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Acronis
Search vendor "Acronis"
Acronis Backup Plugin For CPanel & WHM
Search vendor "Acronis" for product "Acronis Backup Plugin For CPanel & WHM"
< 619
Search vendor "Acronis" for product "Acronis Backup Plugin For CPanel & WHM" and version " < 619"
en
Affected
Acronis
Search vendor "Acronis"
Acronis Backup Extension For Plesk
Search vendor "Acronis" for product "Acronis Backup Extension For Plesk"
< 555
Search vendor "Acronis" for product "Acronis Backup Extension For Plesk" and version " < 555"
en
Affected
Acronis
Search vendor "Acronis"
Acronis Backup Plugin For DirectAdmin
Search vendor "Acronis" for product "Acronis Backup Plugin For DirectAdmin"
< 147
Search vendor "Acronis" for product "Acronis Backup Plugin For DirectAdmin" and version " < 147"
en
Affected