CVSS 3.1 Score 6.5 of 10 (medium)


Published Sep 27, 2023
Updated: Sep 28, 2023
CWE ID 352


CVE-2023-44161 is a vulnerability that involves sensitive information manipulation through cross-site request forgery (CSRF). The affected product is Acronis Cyber Protect 15 (Linux, Windows) before build 35979. This vulnerability has a base severity rating of MEDIUM and a base score of 6.5 according to the National Vulnerability Database (NVD). The exploitability score is 2.8, and the impact score is 3.6. The attack vector is through the network, with LOW attack complexity and HIGH integrity impact. User interaction is required for exploitation, and no privileges are required. The potential danger this vulnerability poses to an organization includes the manipulation of sensitive information with potential repercussions for data integrity. To remediate this vulnerability, users should update Acronis Cyber Protect 15 to build 35979 or a later version that addresses this issue.

Note: Some information has been inferred based on the provided data as there was limited text available for analysis.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-44161 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options