CVE-2023-44210

Published: Oct 4, 2023Modified: Mar 6, 2026

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 29258, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186.

Affected (1)

Products: Acronis: Agent

1 product

Configuration A

1 vulnerable · 3 platform

Vulnerable Software	Affected Versions
Acronis Agent	Version c22.03

Running on/with	Platform Versions
Apple Macos	All versions
Linux Linux Kernel	All versions
Microsoft Windows	All versions

Related CWEs

Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

References (4)

https://security-advisory.acronis.com/SEC-5528

Source: security@acronis.com

PatchVendor Advisory

https://security-advisory.acronis.com/advisories/SEC-2159

Source: security@acronis.com

PatchVendor Advisory

https://security-advisory.acronis.com/SEC-5528

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://security-advisory.acronis.com/advisories/SEC-2159

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.