CVE-2023-41745

CVSS v3.1

6.1

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Name of the Vulnerable Software and Affected Versions Acronis Agent versions prior to build 30991 Acronis Cyber Protect 15 versions prior to build 35979

Description The issue is related to sensitive information disclosure due to excessive collection of system information. This is caused by insufficient protection of service data, which may allow an attacker to gain unauthorized access to protected information.

Recommendations For Acronis Agent versions prior to build 30991, update to build 30991 or later to resolve the issue. For Acronis Cyber Protect 15 versions prior to build 35979, update to build 35979 or later to resolve the issue.

Fix

Exposure of Resource to Wrong Sphere

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-668CWE-200

Related Identifiers

BDU:2023-05097

CVE-2023-41745

Affected Products

Acronis

Acronis Agent

Acronis Cyber Protect 15

CVE-2023-41745

Weakness Enumeration

Related Identifiers

Affected Products

References · 6