CVE-2023-44158

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Sep 27, 2023

Updated: Sep 28, 2023

CWE ID 522

Summary

CVE-2023-44158 is a sensitive information disclosure vulnerability that affects Acronis Cyber Protect versions 15 for Linux and Windows, before build 35979. The issue stems from insufficient token field masking, allowing unauthorized users to access sensitive data. The vulnerability could potentially lead to privacy breaches or unintended data exposure. Organizations using the affected Acronis Cyber Protect builds are advised to update to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Acronis Cyber Protect

Affected Vendors

Acronis International

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sz123E
https://www.cve.org/CVERecord?id=CVE-2023-44158
https://nvd.nist.gov/vuln/detail/CVE-2023-44158

Back to Vulnerability Database