CVE-2023-45249

Summary

Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, Acronis Cyber Infrastructure (ACI) before build 5.1.1-71, Acronis Cyber Infrastructure (ACI) before build 5.2.1-69, Acronis Cyber Infrastructure (ACI) before build 5.3.1-53, Acronis Cyber Infrastructure (ACI) before build 5.4.4-132.

Affected Software

VendorProductVersion RangeStatus
AcronisAcronis Cyber Infrastructureunspecified < 5.0.1-61affected
AcronisAcronis Cyber Infrastructureunspecified < 5.1.1-71affected
AcronisAcronis Cyber Infrastructureunspecified < 5.2.1-69affected
AcronisAcronis Cyber Infrastructureunspecified < 5.3.1-53affected
AcronisAcronis Cyber Infrastructureunspecified < 5.4.4-132affected

Weaknesses

  • CWE-1393: CWE-1393

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: yes
    • Technical Impact: total

Additional References

CVE Program Container

Additional References

References