Sensitive Information Leak in Acronis Cyber Protect Products by Acronis
CVE-2023-45241

4.4MEDIUM

Key Information:

Vendor
Acronis
Vendor
CVE Published:
5 October 2023

Summary

A vulnerability has been identified in Acronis Cyber Protect Cloud Agent and Acronis Cyber Protect 16 that allows for sensitive information to be leaked through log files. This issue affects multiple platforms including Linux, macOS, and Windows, making it critical for users to update their software to the latest builds to mitigate the risk of data exposure. Users are encouraged to consult Acronis security advisories for comprehensive guidance on remediation steps.

Affected Version(s)

Acronis Cyber Protect 16 Linux < 37391

Acronis Cyber Protect Cloud Agent Linux < 35739

References

CVSS V3.1

Score:
4.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.