Sensitive Information Leak in Acronis Cyber Protect Products by Acronis
CVE-2023-45241
4.4MEDIUM
Key Information:
- Vendor
- Acronis
- Vendor
- CVE Published:
- 5 October 2023
Summary
A vulnerability has been identified in Acronis Cyber Protect Cloud Agent and Acronis Cyber Protect 16 that allows for sensitive information to be leaked through log files. This issue affects multiple platforms including Linux, macOS, and Windows, making it critical for users to update their software to the latest builds to mitigate the risk of data exposure. Users are encouraged to consult Acronis security advisories for comprehensive guidance on remediation steps.
Affected Version(s)
Acronis Cyber Protect 16 Linux < 37391
Acronis Cyber Protect Cloud Agent Linux < 35739
References
CVSS V3.1
Score:
4.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved