CVE-2023-45249

2024-07-2414:03:56

CWE-1393

Acronis

www.cve.org

acronis cyber infrastructure

remote command execution

default passwords

cve-2023-45249

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.122

Percentile

95.5%

JSON

Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, Acronis Cyber Infrastructure (ACI) before build 5.1.1-71, Acronis Cyber Infrastructure (ACI) before build 5.2.1-69, Acronis Cyber Infrastructure (ACI) before build 5.3.1-53, Acronis Cyber Infrastructure (ACI) before build 5.4.4-132.

CNA Affected

[
  {
    "vendor": "Acronis",
    "product": "Acronis Cyber Infrastructure",
    "platforms": [
      "ACI"
    ],
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "5.0.1-61",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Acronis",
    "product": "Acronis Cyber Infrastructure",
    "platforms": [
      "ACI"
    ],
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "5.1.1-71",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Acronis",
    "product": "Acronis Cyber Infrastructure",
    "platforms": [
      "ACI"
    ],
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "5.2.1-69",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Acronis",
    "product": "Acronis Cyber Infrastructure",
    "platforms": [
      "ACI"
    ],
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "5.3.1-53",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Acronis",
    "product": "Acronis Cyber Infrastructure",
    "platforms": [
      "ACI"
    ],
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "5.4.4-132",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]