Arq Backup Vulnerability: Reversible Encryption of Backup Encryption Passwords

Arq Backup Vulnerability: Reversible Encryption of Backup Encryption Passwords

CVE-2022-36617 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Arq Backup 7.19.5.0 and below stores backup encryption passwords using reversible encryption. This issue allows attackers with administrative privileges to recover cleartext passwords.

Learn more about our Web Application Penetration Testing UK.