Lucene search
HistoryAug 31, 2023 - 9:15 p.m.
CVE-2023-41751
cve-2023-41751
information security
token expiration
sensitive information disclosure
acronis agent
windows
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.1 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.0%
Sensitive information disclosure due to improper token expiration validation. The following products are affected: Acronis Agent (Windows) before build 32047.
Affected configurations
Node
acronisagentRange<c23.03
microsoftwindowsMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| acronis:agent | acronis agent | lt | c23.03 |
CNA Affected
[
{
"vendor": "Acronis",
"product": "Acronis Agent",
"platforms": [
"Windows"
],
"versions": [
{
"version": "unspecified",
"status": "affected",
"lessThan": "32047",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
]Related
cvelist
cvelist
CVE-2023-41751
2023-08-31 20:18:30
prion
prion
Information disclosure
2023-08-31 21:15:00
nvd
nvd
CVE-2023-41751
2023-08-31 21:15:08
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.1 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.0%
Related for CVE-2023-41751