CVE-2023-45249
Severity:
CRITICAL
Type:
CWE-287
Authentication Issues
Publication date:
24/07/2024
Last modified:
26/07/2024
Description
Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, Acronis Cyber Infrastructure (ACI) before build 5.1.1-71, Acronis Cyber Infrastructure (ACI) before build 5.2.1-69, Acronis Cyber Infrastructure (ACI) before build 5.3.1-53, Acronis Cyber Infrastructure (ACI) before build 5.4.4-132.
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:acronis:cyber_infrastructure:*:*:*:*:*:*:*:* | 5.0.1-61 (excluding) | |
cpe:2.3:a:acronis:cyber_infrastructure:*:*:*:*:*:*:*:* | 5.1.1 (including) | 5.1.1-71 (excluding) |
cpe:2.3:a:acronis:cyber_infrastructure:*:*:*:*:*:*:*:* | 5.2.1 (including) | 5.2.1-69 (excluding) |
cpe:2.3:a:acronis:cyber_infrastructure:*:*:*:*:*:*:*:* | 5.3.1 (including) | 5.3.1-53 (excluding) |
cpe:2.3:a:acronis:cyber_infrastructure:*:*:*:*:*:*:*:* | 5.4.4 (including) | 5.4.4-132 (excluding) |
To consult the complete list of CPE names with products and versions, see this page