Sensitive Information Disclosure in Acronis Cyber Protect Products
CVE-2023-48683

Currently unrated

Key Information:

Vendor: Acronis
Status: Acronis Cyber Protect Cloud Agent; Acronis Cyber Protect 16
Vendor: CVE Published:; 29 April 2024

Summary

A vulnerability in Acronis Cyber Protect products allows for the unauthorized access and manipulation of sensitive information due to inadequate authorization mechanisms. This affects multiple platforms including Linux, macOS, and Windows, potentially exposing users to security risks. Users are advised to upgrade to the latest builds to mitigate this risk.

Affected Version(s)

Acronis Cyber Protect 16 Linux < 39169

Acronis Cyber Protect Cloud Agent Linux < 37758

References

https://security-advisory.acronis.com/advisories/SEC-5899

vendor-advisory

Timeline

Vulnerability published
Apr 29, 2024