CVE-2023-44211

🗓️ 05 Oct 2023 21:14:19Reported by AcronisType

Sensitive information disclosure due to missing authorization in Acronis product

Reporter	Title	Published	Views	Family All 8
BDU FSTEC	The vulnerability of backup and data recovery software on computers and servers with Acronis Agent, related to authentication errors, allows attackers to escalate their privileges.	10 Oct 202300:00	–	bdu_fstec
CNNVD	Acronis Agent Security Vulnerability	5 Oct 202300:00	–	cnnvd
CVE	CVE-2023-44211	5 Oct 202321:14	–	cve
EUVD	EUVD-2023-48570	3 Oct 202520:07	–	euvd
NVD	CVE-2023-44211	5 Oct 202322:15	–	nvd
Prion	Authorization	5 Oct 202322:15	–	prion
Positive Technologies	PT-2023-5796 · Acronis · Acronis Cyber Protect 16 +2	5 Oct 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-44211	23 May 202504:38	–	redhatcve

[
  {
    "vendor": "Acronis",
    "product": "Acronis Cyber Protect Cloud Agent",
    "platforms": [
      "Linux",
      "macOS",
      "Windows"
    ],
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "31637",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Acronis",
    "product": "Acronis Cyber Protect 16",
    "platforms": [
      "Linux",
      "Windows"
    ],
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "37391",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
security-advisory	www.security-advisory.acronis.com/advisories/SEC-4061

27 Feb 2024 16:46Current

6.9Medium risk

Vulners AI Score6.9

CVSS 37.1

EPSS0.00032

CWE-862