Lucene search

[email protected]NVD:CVE-2023-45244

HistoryOct 06, 2023 - 10:15 a.m.

CVE-2023-45244

2023-10-0610:15:18

CWE-862

[email protected]

web.nvd.nist.gov

sensitive information

authorization

acronis cyber protect cloud agent

linux

macos

windows

acronis cyber protect 16

build 35895

build 37391

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

AI Score

6.7

Confidence

High

EPSS

Percentile

9.0%

JSON

Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 35895, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 37391.

Affected configurations

Nvd

Node

acronisagentRange<c23.07

AND

applemacosMatch-

linuxlinux_kernelMatch-

microsoftwindowsMatch-

VendorProductVersionCPE
acronisagent*cpe:2.3:a:acronis:agent:*:*:*:*:*:*:*:*
applemacos-cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
linuxlinux_kernel-cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
acronis	agent	*	cpe:2.3:a:acronis:agent::::::::
apple	macos	-	cpe:2.3:o:apple:macos:-:::::::*
linux	linux_kernel	-	cpe:2.3:o:linux:linux_kernel:-:::::::*
microsoft	windows	-	cpe:2.3:o:microsoft:windows:-:::::::*

References

security-advisory.acronis.com/advisories/SEC-5907

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

AI Score

6.7

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for NVD:CVE-2023-45244

prion1 cvelist1 cve1 kitploit1