Lucene search

AcronisCVELIST:CVE-2023-41745

HistoryAug 31, 2023 - 5:16 p.m.

CVE-2023-41745

2023-08-3117:16:56

CWE-200

Acronis

www.cve.org

sensitive information

disclosure

acronis agent

acronis cyber protect 15

linux

macos

windows

build 30991

build 35979

CVSS3

6.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

AI Score

5.6

Confidence

High

EPSS

Percentile

9.0%

JSON

Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30991, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.

CNA Affected

[
  {
    "vendor": "Acronis",
    "product": "Acronis Agent",
    "platforms": [
      "Linux",
      "macOS",
      "Windows"
    ],
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "30991",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Acronis",
    "product": "Acronis Cyber Protect 15",
    "platforms": [
      "Linux",
      "macOS",
      "Windows"
    ],
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "35979",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

security-advisory.acronis.com/advisories/SEC-2008

CVSS3

6.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

AI Score

5.6

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for CVELIST:CVE-2023-41745