PT-2023-5799 · Acronis · Acronis Cyber Protect 16+2
Published
2023-10-06
·
Updated
2024-02-27
·
CVE-2023-45244
CVSS v3.1
7.1
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Acronis Cyber Protect Cloud Agent versions prior to build 35895
Acronis Cyber Protect 16 versions prior to build 37391
Acronis Agent versions prior to build 35895
Description
The issue is related to errors in authorization, which may allow an attacker to elevate their privileges. This can lead to sensitive information disclosure and manipulation due to missing authorization.
Recommendations
For Acronis Cyber Protect Cloud Agent versions prior to build 35895, update to build 35895 or later.
For Acronis Cyber Protect 16 versions prior to build 37391, update to build 37391 or later.
For Acronis Agent versions prior to build 35895, update to build 35895 or later.
Fix
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Acronis Agent
Acronis Cyber Protect 16
Acronis Cyber Protect Cloud Agent