CVE-2023-48676

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-48676
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 36943.

7.1 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://security-advisory.acronis.com/advisories/SEC-5905 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:acronis:cyber_protect_cloud_agent:21:update12:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect_cloud_agent:21:update3:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect_cloud_agent:21:update6:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect_cloud_agent:21:update7:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect_cloud_agent:22:update10:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect_cloud_agent:22:update11:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect_cloud_agent:22:update2:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect_cloud_agent:22:update3:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect_cloud_agent:22:update5:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect_cloud_agent:22:update7:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect_cloud_agent:22:update8:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect_cloud_agent:22:update9:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect_cloud_agent:23:uddate1:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect_cloud_agent:23:update10:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect_cloud_agent:23:update11:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect_cloud_agent:23:update12:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect_cloud_agent:23:update2:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect_cloud_agent:23:update3:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect_cloud_agent:23:update5:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect_cloud_agent:23:update6:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect_cloud_agent:23:update7:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect_cloud_agent:23:update8:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect_cloud_agent:23:update9:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
History

No history.

Information

Published : 2023-12-14 14:15

Updated : 2023-12-19 14:20

NVD link : CVE-2023-48676

Mitre link : CVE-2023-48676

CVE.ORG link : CVE-2023-48676

JSON object : View

Products Affected

microsoft

  • windows

acronis

  • cyber_protect_cloud_agent
CWE
CWE-862

Missing Authorization