CVE-2017-3219

EPSS 0.5%CWE-311

Acronis True Image up to and including version 2017 Build 8053 performs software updates using HTTP. Downloaded updates are only verified using a server-provided MD5 hash.

Affected products

Acronis · True Image

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.kb.cert.org/vuls/id/489392 http://www.securityfocus.com/bid/99128