PT-2023-5796 · Acronis · Acronis Cyber Protect 16+2
Published
2023-10-05
·
Updated
2024-02-27
·
CVE-2023-44211
CVSS v3.1
7.1
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Acronis Cyber Protect Cloud Agent versions prior to build 31637
Acronis Cyber Protect 16 versions prior to build 37391
Acronis Agent versions prior to the specified build
Description
The issue is related to errors in authorization, which can allow an attacker to elevate their privileges. This can lead to the disclosure and manipulation of sensitive information due to missing authorization.
Recommendations
For Acronis Cyber Protect Cloud Agent versions prior to build 31637, update to build 31637 or later.
For Acronis Cyber Protect 16 versions prior to build 37391, update to build 37391 or later.
For Acronis Agent versions prior to the specified build, update to the latest version that includes the necessary security fixes.
Fix
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Acronis Agent
Acronis Cyber Protect 16
Acronis Cyber Protect Cloud Agent