Vulnerability DatabaseCVE-2022-44745

CVE-2022-44745:
Acronis Cyber Protect Home Office vulnerability analysis and mitigation

Overview

Sensitive information leak through log files affects Acronis Cyber Protect Home Office (Windows) versions before build 40107 (NVD, CISA). The vulnerability was disclosed on November 7, 2022.

Technical details

The vulnerability has a CVSS v3.1 base score of 5.5 (Medium) with the following vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N. This indicates local access is required, low attack complexity, low privileges required, no user interaction needed, unchanged scope, high confidentiality impact, and no impact to integrity or availability. The vulnerability is classified under CWE-532 (Insertion of Sensitive Information into Log File) (NVD).

Impact

The vulnerability allows exposure of sensitive information through log files, potentially compromising confidentiality of system data. The high confidentiality impact rating suggests that sensitive information could be completely disclosed to an attacker with access to the log files (NVD).

Mitigation and workarounds

Users should upgrade Acronis Cyber Protect Home Office (Windows) to build 40107 or later to address this vulnerability (Vendor Advisory).

Additional resources

Source: This report was generated using AI

Related Acronis Cyber Protect Home Office vulnerabilities:

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2023-44208	CRITICAL	9.1	Acronis Cyber Protect Home Office	cpe:2.3:a:acronis:cyber_protect_home_office	No	Yes	Oct 04, 2023
CVE-2023-48677	HIGH	7.8	Acronis Cyber Protect Home Office	cpe:2.3:a:acronis:cyber_protect_home_office	No	Yes	Dec 12, 2023
CVE-2022-46869	HIGH	7.8	Acronis Cyber Protect Home Office	cpe:2.3:a:acronis:cyber_protect_home_office	No	Yes	Aug 31, 2023
CVE-2023-41743	HIGH	7.8	Acronis Cyber Protect Home Office	cpe:2.3:a:acronis:cyber_protect	No	Yes	Aug 31, 2023
CVE-2023-5042	HIGH	7.5	Acronis Cyber Protect Home Office	cpe:2.3:a:acronis:cyber_protect_home_office	No	Yes	Sep 20, 2023

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

A threat intelligence database

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."

David EstlickCISO

"Wiz provides a single pane of glass to see what is going on in our cloud environments."

Adam FletcherChief Security Officer

"We know that if Wiz identifies something as critical, it actually is."

Greg PoniatowskiHead of Threat and Vulnerability Management

Get a demo

CVE-2022-44745: Acronis Cyber Protect Home Office vulnerability analysis and mitigation