CVE-2023-44210
CVSS 3.1 Score 5.5 of 10 (medium)
Attack Complexity low
Confidentiality high
Privileges Required low
Integrity none
Availability none
Scope unchanged
Details
Published Oct 4, 2023
Updated: Oct 6, 2023
CWE ID 862
Summary
CVE-2023-44210 is a vulnerability affecting Acronis Agent versions prior to build 29258 on Linux, macOS, and Windows platforms. This issue permits unauthorized access to sensitive information and allows manipulation, posing a risk to data security. The vulnerability stems from a missing authorization mechanism, enabling unauthenticated users to gain unintended access and potentially cause harm. Organizations and individuals using the affected versions are strongly encouraged to update to the latest build to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Acronis Agent
Affected Vendors
- Acronis International