CVE-2023-45240

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Oct 5, 2023

Updated: Oct 10, 2023

CWE ID 862

Summary

CVE-2023-45240 is a vulnerability affecting Acronis Agent versions prior to build 35739. This issue results in the disclosure of sensitive information due to insufficient authorization checks. The vulnerability can potentially impact installations on Linux, macOS, and Windows systems, posing a risk to data confidentiality. Attackers may exploit this issue to gain unauthorized access to protected data, emphasizing the importance of updating to the latest product build to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Acronis Agent

Affected Vendors

Acronis International

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s5rDFi
https://www.cve.org/CVERecord?id=CVE-2023-45240
https://nvd.nist.gov/vuln/detail/CVE-2023-45240

Back to Vulnerability Database