Lucene search

AcronisCVELIST:CVE-2023-41746

HistoryAug 31, 2023 - 5:53 p.m.

CVE-2023-41746

2023-08-3117:53:48

CWE-20

Acronis

www.cve.org

remote command execution

acronis cloud manager

windows

vulnerability

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

9.9

Confidence

High

EPSS

0.002

Percentile

59.9%

JSON

Remote command execution due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203.

CNA Affected

[
  {
    "vendor": "Acronis",
    "product": "Acronis Cloud Manager",
    "platforms": [
      "Windows"
    ],
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "6.2.23089.203",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

security-advisory.acronis.com/advisories/SEC-5810

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

9.9

Confidence

High

EPSS

0.002

Percentile

59.9%

JSON

Related for CVELIST:CVE-2023-41746