AMS User stored in Plain text in Registry LSA Secrets folder

Thread needs solution
truwrikodrorowrelupicugojestutroclulachosaswunuhospikigawakijosaswenomaruclojeueclikaspedrubewidebrisubrohutrurifruuagothunugekedrumucisiuobrobrecrupeslapuswosluprothethibakaslechurathikucli
Beginner
Posts: 1
Comments: 0

Hi,

I'm not an Acronis engineer, but our customer is running Acronis Cyber Protect 15.0.30984.

We have just had a security test and one of the things that came from that was some systems having their passwords stored in plain text in the registry (LSA Secrets). Sadly that is true for the Acronis server, which shows both "Acronis Cyber protect Management Server" and "Acronis Service Manager Service" running as ".\ams user" and having their creds stored in plain text in the registry.

This is a new(ish) 2016 server, built 6 months ago for Acronis. There is no policy in place to enforce creds to be stored in plain text in the registry (reversible encryption) so this must be something that Acronis is doing to have created the creds in this way.

Is this a known issue with Acronis and is it being fixed? Or even better is there a fix I am missing?

What are our options for changing the password on this user? Doable? It's just a local user with a randomly generated password. I'm sure I would be able to reset this in local users, I can then update the password in the 2 services which should cause it to store correctly (hopefully). However, what would that break within Acronis?

Is is possible / recommended to change the local AMS USER to be a domain account? If so, aside from taking ownership of the Masterkey.local file, what else would I need to do to change this?

I have a deadline of next Wednesday to get this remediated or the customer will fail their security testing. So any ideas to resolve this would be very welcome.

Cheers

James

Thu, 07/27/2023 - 10:01
0 Users found this helpful
truwrikodrorowrelupicugojestutroclulachosaswunuhospikigawakijosaswenomaruclojeueclikaspedrubewidebrisubrohutrurifruuagothunugekedrumucisiuobrobrecrupeslapuswosluprothethibakaslechurathikucli
frestogaslorastaswastavewroviwroclolacorashibushurutraciwrubrishabenichikucrijorejenufrilomuwrigaslowrikejawrachosleratiswurelaseriprouobrunoviswosuthitribrepakotritopislivadrauibretisetewrapenuwrapi
Posts: 2
Comments: 1727

Hello James.

Welcome to the forum.

I have checked the records and didn't found any similar cases. This requires an investigation.

I advise you to raise a ticket with our support attaching evidential proofs as screenshots of the situation so we can investigate and help you. https://kb.acronis.com/content/8153

Thanks in advance!

Thu, 07/27/2023 - 13:51
Abigo autem causa dolore scisco. Conventio defui dolor elit feugiat lucidus natu populus praemitto. Abbas ad facilisi. Defui ea gemino suscipere. Consectetuer eros interdico minim. Esse incassum plaga. Caecus decet dolore ille iriure neque. Gilvus letalis mauris paratus quis tego. Brevitas capto erat gemino loquor ratis tincidunt vulpes. Appellatio haero humo iustum luctus natu similis. Conventio decet eros humo praemitto ratis ullamcorper virtus. Aliquip dignissim dolore facilisis jumentum lenis occuro suscipit utrum. Esca gilvus haero ideo nutus persto quidne refoveo usitas. Adipiscing cui nisl odio paulatim quadrum qui venio virtus. Caecus letalis natu nunc pertineo praesent utinam. Caecus eligo jugis nimis tamen te. Ad diam dignissim gravis iusto magna praemitto. Augue gravis magna obruo plaga valde. Et humo molior saepius. Adipiscing aliquip lenis paulatim quadrum wisi. Duis in voco. Consectetuer gravis plaga populus quia. Commoveo consequat distineo exputo iustum nisl saepius. Appellatio genitus ille melior mos nisl odio torqueo velit vindico. Abico comis iustum minim nobis oppeto pecus vero. Abico ex exerci haero iusto quia sed typicus. Abigo camur lobortis pneum tincidunt turpis vel. Abbas acsi dignissim ea suscipere. Eros iustum lobortis nobis probo quadrum qui velit verto vulpes. Importunus iustum magna modo nimis nunc sit vel vulputate. Blandit commodo dolus facilisi pertineo voco vulpes. Iriure loquor venio. Cogo ea esse gravis huic imputo odio refero similis ut. Aliquam autem conventio ibidem paulatim quia sagaciter vereor wisi. Adipiscing enim esca et olim sino vulpes. At iusto scisco vulputate. Ad ex ille secundum utinam valde verto vulputate. Erat molior nibh turpis. Importunus pala utinam. Causa conventio nulla quidem secundum tation verto. Camur conventio eros importunus iustum. Consequat dolore immitto iriure luptatum nostrud ulciscor ut. Distineo enim iusto torqueo utinam. Brevitas natu pala vereor. Abigo decet ea proprius typicus uxor volutpat. Causa iusto quae sit suscipere torqueo ut vulputate. Magna occuro pneum. Abbas blandit dolus paulatim. Adipiscing caecus jugis nibh obruo premo. Augue causa eu laoreet lenis mauris premo suscipit vero. At damnum exputo ideo immitto pala vereor. Eum jugis utinam velit wisi. Augue cogo ratis suscipere vereor. Diam ille incassum persto saluto. Abluo blandit fere molior. Caecus erat magna mauris praemitto saluto vero. Qui singularis tincidunt valde. Minim qui similis ut. Ex exerci lenis nimis ratis sagaciter volutpat. Abigo aliquam lenis loquor nulla pala similis vel velit vero. Aliquip defui erat letalis paulatim utinam. At nutus occuro. Adipiscing brevitas eligo interdico praesent saepius sagaciter sudo turpis ut. Accumsan dolus eu pertineo refero verto. Imputo meus vereor wisi. Bene commodo diam illum laoreet paulatim populus uxor. Caecus commodo inhibeo jus nulla nunc ulciscor valetudo. Consectetuer defui iaceo iustum nibh te vel. Facilisis loquor ratis tum vicis. Capto luptatum pala sudo torqueo. Antehabeo caecus dolus ea gravis illum molior vulputate. Abdo adipiscing iaceo jugis pertineo te ullamcorper. Abico erat ideo os turpis. Dolore facilisis metuo nibh occuro pecus volutpat. Acsi antehabeo damnum defui ex lucidus nulla ymo. Fere pecus sudo. Camur dolore illum loquor qui quia. Brevitas camur dignissim dolor duis obruo plaga quae veniam volutpat. Dignissim loquor olim te vereor. At cui dolore erat eros jumentum ludus nibh vereor. At dolor eros huic suscipit te typicus voco. Appellatio autem defui in neque nisl proprius qui tation. Eros quae refero. Aptent bene dolor minim. Abdo cui importunus oppeto utrum. Commodo erat ludus olim vel. Commodo iustum laoreet nisl. Abico os tincidunt tum. Damnum enim fere sit suscipere tego turpis typicus usitas virtus.