CVE-2025-30413

Medium CVSS: 4.4

Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40497, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186.

Vendor

Acronis

Product

Agent

CWE

CWE-732

Yayın Tarihi

2026-03-06 00:16:10

Güncelleme

2026-03-13 16:33:03

Source Identifier

security@acronis.com

KEV Date Added

Kategoriler

CWE-732 Agent MEDIUM Acronis 2026

Referanslar

https://security-advisory.acronis.com/SEC-9386 https://security-advisory.acronis.com/advisories/SEC-8658

Benzer Kayıtlar

High

CVE-2026-28721

Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protec…

High

CVE-2026-28722

Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protec…

Medium

CVE-2026-28723

Unauthorized report deletion due to insufficient access control. The following products are affected: Acronis Cyber Prot…

Medium

CVE-2026-28724

Unauthorized data access due to insufficient access control validation. The following products are affected: Acronis Cyb…

Medium

CVE-2026-28725

Sensitive information disclosure due to improper configuration of a headless browser. The following products are affecte…

Medium

CVE-2026-28726

Sensitive information disclosure due to improper access control. The following products are affected: Acronis Cyber Prot…