Lucene search

[email protected]CVE-2023-44155

HistorySep 27, 2023 - 3:19 p.m.

CVE-2023-44155

2023-09-2715:19:37

CWE-532

[email protected]

web.nvd.nist.gov

cve-2023-44155

sensitive information leak

log files

acronis cyber protect 15

linux

windows

nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

4.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.3%

JSON

Sensitive information leak through log files. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.

Affected configurations

NVD

Node

acroniscyber_protectRange<15

acroniscyber_protectMatch15-

acroniscyber_protectMatch15update1

acroniscyber_protectMatch15update2

acroniscyber_protectMatch15update3

acroniscyber_protectMatch15update4

acroniscyber_protectMatch15update5

AND

linuxlinux_kernelMatch-

microsoftwindowsMatch-

CPENameOperatorVersion
acronis:cyber_protectacronis cyber protectlt15

CPE	Name	Operator	Version
acronis:cyber_protect	acronis cyber protect	lt	15

CNA Affected

[
  {
    "vendor": "Acronis",
    "product": "Acronis Cyber Protect 15",
    "platforms": [
      "Linux",
      "Windows"
    ],
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "35979",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

security-advisory.acronis.com/advisories/SEC-3471

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

4.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.3%

JSON

Related for CVE-2023-44155

prion1 cvelist1 nvd1