Lucene search

K
nvd[email protected]NVD:CVE-2023-45246
HistoryOct 06, 2023 - 11:15 a.m.

CVE-2023-45246

2023-10-0611:15:11
CWE-862
web.nvd.nist.gov
5
authentication
sensitive information
data manipulation
acronis agent
linux
macos
windows

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

AI Score

6.7

Confidence

High

EPSS

0

Percentile

9.0%

Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 36343.

Affected configurations

Nvd
Node
acronisagentRange<c23.09
AND
applemacosMatch-
OR
linuxlinux_kernelMatch-
OR
microsoftwindowsMatch-
VendorProductVersionCPE
acronisagent*cpe:2.3:a:acronis:agent:*:*:*:*:*:*:*:*
applemacos-cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
linuxlinux_kernel-cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

AI Score

6.7

Confidence

High

EPSS

0

Percentile

9.0%

Related for NVD:CVE-2023-45246