CVE-2023-45245

Name of the Vulnerable Software and Affected Versions Acronis Agent versions prior to build 36119

Description The issue is related to errors in authorization, which may allow an attacker to gain unauthorized access to protected information. This is due to missing authorization, leading to sensitive information disclosure. The estimated number of potentially affected devices worldwide is not specified. There is no information provided about real-world incidents where this issue was exploited.

Recommendations For versions prior to build 36119, update to a version that includes the necessary security fixes to resolve the authorization issue. As a temporary workaround, consider restricting access to sensitive information until a patch is available. Avoid using any features that rely on the vulnerable authorization mechanism until the issue is resolved.