Published: 21/09/2020 Updated: 01/10/2020

CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10

CVSS v3 Base Score: 6.5 | Impact Score: 2.5 | Exploitability Score: 3.9

VMScore: 571

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

An issue exists in Acronis Cyber Backup prior to 12.5 Build 16342. Some API endpoints on port 9877 under /api/ams/ accept an additional custom Shard header. The value of this header is afterwards used in a separate web request issued by the application itself. This can be abused to conduct SSRF attacks against otherwise unreachable Acronis services that are bound to localhost such as the NotificationService on 127.0.0.1:30572.

Vulnerable Product	Search on Vulmon	Subscribe to Product
acronis cyber backup
acronis cyber backup 12.5

Acronis Cyber Backup version 125 Build 16341 suffers from a server-side request forgery vulnerability ...

CWE-918 http://seclists.org/fulldisclosure/2020/Sep/33 https://www.rcesecurity.com/2020/09/CVE-2020-16171-Exploiting-Acronis-Cyber-Backup-for-Fun-and-Emails/https://nvd.nist.gov https://packetstormsecurity.com/files/159192/Acronis-Cyber-Backup-12.5-Build-16341-Server-Side-Request-Forgery.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-16171

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect