PT-2023-5801 · Acronis · Acronis Cyber Protect 16+2
Published
2023-10-09
·
Updated
2025-01-02
·
CVE-2023-45247
CVSS v3.1
7.1
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Acronis Cyber Protect Cloud Agent versions before build 36497
Acronis Cyber Protect 16 versions before build 39169
Acronis Agent versions before build 36497
Description
The issue is related to sensitive information disclosure and manipulation due to missing authorization. This could allow an attacker to elevate their privileges.
Recommendations
For Acronis Cyber Protect Cloud Agent versions before build 36497, update to build 36497 or later.
For Acronis Cyber Protect 16 versions before build 39169, update to build 39169 or later.
For Acronis Agent versions before build 36497, update to build 36497 or later.
Fix
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Acronis Agent
Acronis Cyber Protect 16
Acronis Cyber Protect Cloud Agent