CVE-2024-8767

Summary

Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 619, Acronis Backup extension for Plesk (Linux) before build 555, Acronis Backup plugin for DirectAdmin (Linux) before build 147.

Affected Software

VendorProductVersion RangeStatus
AcronisAcronis Backup plugin for cPanel & WHMunspecified < 619affected
AcronisAcronis Backup extension for Pleskunspecified < 555affected
AcronisAcronis Backup plugin for DirectAdminunspecified < 147affected

Weaknesses

  • CWE-250: CWE-250

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References