CVE-2023-45246

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions Acronis Cyber Protect Cloud Agent versions prior to build 36343 Acronis Cyber Protect 16 versions prior to build 39169 Acronis Agent versions prior to build 36343

Description The issue is related to sensitive information disclosure and manipulation due to missing authorization or improper authentication. This allows an attacker to gain unauthorized access to protected information.

Recommendations For Acronis Cyber Protect Cloud Agent versions prior to build 36343, update to a version after build 36343 to resolve the issue. For Acronis Cyber Protect 16 versions prior to build 39169, update to a version after build 39169 to resolve the issue. For Acronis Agent versions prior to build 36343, update to a version after build 36343 to resolve the issue.

Fix

Missing Authorization

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862CWE-287

Related Identifiers

BDU:2023-06484

CVE-2023-45246

Affected Products

Acronis Agent

Acronis Cyber Protect 16

Acronis Cyber Protect Cloud Agent

CVE-2023-45246

Weakness Enumeration

Related Identifiers

Affected Products

References · 10