{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-28718", "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "state": "PUBLISHED", "assignerShortName": "Acronis", "dateReserved": "2026-03-03T02:29:03.753Z", "datePublished": "2026-03-05T23:54:05.522Z", "dateUpdated": "2026-03-09T16:37:56.483Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "shortName": "Acronis", "dateUpdated": "2026-03-05T23:54:05.522Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-779", "description": "CWE-779", "type": "CWE"}]}], "affected": [{"vendor": "Acronis", "product": "Acronis Cyber Protect 17", "platforms": ["Linux", "Windows"], "versions": [{"version": "unspecified", "status": "affected", "lessThan": "41186", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186."}], "references": [{"url": "https://security-advisory.acronis.com/advisories/SEC-8377", "name": "SEC-8377", "tags": ["vendor-advisory"]}], "credits": [{"lang": "en", "value": "@vultza (https://hackerone.com/vultza)", "type": "finder"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_0": {"version": "3.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-09T16:37:49.684340Z", "id": "CVE-2026-28718", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-09T16:37:56.483Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-28718", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-09T16:37:49.684340Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-09T16:37:53.631Z"}}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "@vultza (https://hackerone.com/vultza)"}], "metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Acronis", "product": "Acronis Cyber Protect 17", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "41186", "versionType": "semver"}], "platforms": ["Linux", "Windows"], "defaultStatus": "unaffected"}], "references": [{"url": "https://security-advisory.acronis.com/advisories/SEC-8377", "name": "SEC-8377", "tags": ["vendor-advisory"]}], "descriptions": [{"lang": "en", "value": "Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-779", "description": "CWE-779"}]}], "providerMetadata": {"orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "shortName": "Acronis", "dateUpdated": "2026-03-05T23:54:05.522Z"}}}, "cveMetadata": {"cveId": "CVE-2026-28718", "state": "PUBLISHED", "dateUpdated": "2026-03-09T16:37:56.483Z", "dateReserved": "2026-03-03T02:29:03.753Z", "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "datePublished": "2026-03-05T23:54:05.522Z", "assignerShortName": "Acronis"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:acronis:cyber_protect:*:*:*:*:*:*:*:*", "matchCriteriaId": "52FF13FE-B050-4333-B0E3-F7EE4AA98520", "versionEndExcluding": "17.0.41186", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186."}, {"lang": "es", "value": "Denegaci\u00f3n de servicio debido a insuficiente validaci\u00f3n de entrada en el registro de autenticaci\u00f3n. Los siguientes productos est\u00e1n afectados: Acronis Cyber Protect 17 (Linux, Windows) anterior a la compilaci\u00f3n 41186."}], "id": "CVE-2026-28718", "lastModified": "2026-03-12T15:37:14.057", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security@acronis.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-03-06T00:16:12.553", "references": [{"source": "security@acronis.com", "tags": ["Vendor Advisory"], "url": "https://security-advisory.acronis.com/advisories/SEC-8377"}], "sourceIdentifier": "security@acronis.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-779"}], "source": "security@acronis.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": ["linux", "windows"], "status": "affected", "versions": {"scheme": "semver", "value": "[0,41186)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "product": "acronis_cyber_protect_17", "vendor": "acronis"}], "analysis": {"en": {"generated_at": "2026-04-16T11:47:48.412650+00:00", "value": {"mitigation_remediation": ["Upgrade Acronis Cyber Protect 17 to build 41186 or newer to apply the vendor fix for input validation.", "If an upgrade cannot be performed immediately, temporarily disable or reduce authentication logging to mitigate the chance of a DoS attack.", "Implement input sanitization for all authentication log entries, ensuring only expected and safe data is written, following CWE\u2011779 best practices.", "Monitor authentication services for abnormal log activity or repeated failures that may indicate an attempt to trigger the denial of service."], "summary": {"action": "Patch Immediately", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "The affected product is Acronis Cyber Protect 17 on Linux and Windows platforms. Any build prior to 41186 is vulnerable; builds 41186 and later include the fix.", "description_and_impact": "The vulnerability is caused by insufficient input validation in authentication logging, allowing an attacker to inject malformed data that can exhaust resources or crash the logging process. This leads to a denial of service, interrupting the authentication service and causing temporary unavailability for users. No evidence of code execution or data compromise is provided.", "risk_and_exploitability": "The CVSS score of 7.5 indicates a moderate to high severity level. The EPSS score is below 1%, indicating a low probability of immediate exploitation, and the vulnerability is not listed in the CISA KEV catalog. An attacker could craft authentication requests containing malicious payloads targeting the logging component, potentially causing the service to become unavailable. The DoS impact is limited to the authentication subsystem but can disrupt overall system access."}}}}, "created": "2026-03-06T14:56:24.057315+00:00", "title": "DoS via Unvalidated Authentication Logging in Acronis Cyber Protect 17", "updated": "2026-04-16T12:00:11.686818+00:00", "vendors": ["acronis", "acronis$PRODUCT$acronis_cyber_protect_17"]}