CVE-2023-41747

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions Acronis Cloud Manager (Windows) versions before 6.2.23089.203

Description The issue is related to sensitive information disclosure due to unauthenticated path traversal and improper input validation. This allows a remote attacker to access confidential information.

Recommendations For versions before 6.2.23089.203, update to a version 6.2.23089.203 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive information until a patch is applied.

Fix

RCE

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20CWE-22

Related Identifiers

BDU:2023-05941

CVE-2023-41747

Affected Products

Acronis Cloud Manager

CVE-2023-41747

Weakness Enumeration

Related Identifiers

Affected Products

References · 8