cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-45249,https://securityvulnerability.io/vulnerability/CVE-2023-45249,Acronis Cyber Infrastructure Vulnerable to Remote Command Execution Due to Default Passwords,"The vulnerability CVE-2023-45249 affects Acronis Cyber Infrastructure (ACI) and allows for remote command execution due to the use of default passwords. This vulnerability has been exploited in the wild, and threat actors taking advantage of it do not require authentication or user interaction. The impacted versions of ACI are 5.0 before build 5.0.1-61, 5.1 before build 5.1.1-71, 5.2 before build 5.2.1-69, 5.3 before build 5.3.1-53, and 5.4 before build 5.4.4-132. The vendor, Acronis, has issued updates to mitigate this vulnerability and recommends that all users install the updates immediately. The company has not provided specific details on the nature of the attacks or how to mitigate the risk of exploitation. However, the potential impact could involve remote code execution, with possible implications for cryptojacking and ransomware attacks.",Acronis,Acronis Cyber Infrastructure,9.8,CRITICAL,0.8967099785804749,true,2024-07-29T00:00:00.000Z,true,false,true,2024-07-29T00:00:00.000Z,,false,false,,2024-07-24T14:03:56.481Z,0
CVE-2023-2782,https://securityvulnerability.io/vulnerability/CVE-2023-2782,Sensitive Information Disclosure in Acronis Cyber Infrastructure by Acronis,"This vulnerability presents a risk of sensitive information exposure in Acronis Cyber Infrastructure due to improper authorization processes. Versions of Acronis Cyber Infrastructure prior to build 5.3.1-38 are susceptible, potentially allowing unauthorized access to protected data. It is imperative for users to implement the latest updates to safeguard their systems against exploitation.",Acronis,Acronis Cyber Infrastructure,5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-05-18T11:15:00.000Z,0
CVE-2023-2360,https://securityvulnerability.io/vulnerability/CVE-2023-2360,Sensitive Information Disclosure in Acronis Cyber Infrastructure by Acronis,"The vulnerability in Acronis Cyber Infrastructure arises from a misconfiguration in Cross-Origin Resource Sharing (CORS), which can lead to unauthorized access and disclosure of sensitive information. This issue affects versions prior to build 5.2.0-135, posing potential risks to user data and system integrity. It is crucial for users of Acronis Cyber Infrastructure to review their configurations and apply the necessary updates to safeguard against this vulnerability.",Acronis,Acronis Cyber Infrastructure,7.5,HIGH,0.0011699999449774623,false,,false,false,false,,,false,false,,2023-04-28T12:15:00.000Z,0