CVE-2023-44210

CVSS 3.1 Score 5.5 of 10 (medium)

Attack Complexity low
Confidentiality high
Privileges Required low
Integrity none
Availability none
Scope unchanged

Details

Published Oct 4, 2023
Updated: Oct 6, 2023
CWE ID 862

Summary

CVE-2023-44210 is a vulnerability affecting Acronis Agent versions prior to build 29258 on Linux, macOS, and Windows platforms. This issue permits unauthorized access to sensitive information and allows manipulation, posing a risk to data security. The vulnerability stems from a missing authorization mechanism, enabling unauthenticated users to gain unintended access and potentially cause harm. Organizations and individuals using the affected versions are strongly encouraged to update to the latest build to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Acronis Agent

Affected Vendors

  • Acronis International