PT-2023-5779 · Acronis · Acronis Cyber Protect 15
Laz0Rde · Published 2023-09-27 · Updated 2023-09-28 · CVE-2023-44160
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Acronis Cyber Protect 15 versions before build 35979
Description
The issue is sensitive information manipulation due to cross-site request forgery (CSRF), which may allow a remote attacker to access confidential information. It is caused by insufficient authentication of executed requests.
Recommendations
Update Acronis Cyber Protect 15 installations running a version before build 35979 to build 35979 or later to resolve the issue. As a temporary workaround, consider implementing additional authentication measures to reduce the risk of exploitation, and restrict access to sensitive information and functions to limit potential damage until the update is applied.
Fix
CSRF
Weakness Enumeration
Related Identifiers
Affected Products
Acronis
Acronis Cyber Protect 15