CVE-2023-45249 - OpenCVE

Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, Acronis Cyber Infrastructure (ACI) before build 5.1.1-71, Acronis Cyber Infrastructure (ACI) before build 5.2.1-69, Acronis Cyber Infrastructure (ACI) before build 5.3.1-53, Acronis Cyber Infrastructure (ACI) before build 5.4.4-132.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Acronis	Cyber Infrastructure

Configuration 1 [-]

OR	cpe:2.3:a:acronis:cyber_infrastructure::::::::
	cpe:2.3:a:acronis:cyber_infrastructure::::::::
	cpe:2.3:a:acronis:cyber_infrastructure::::::::
	cpe:2.3:a:acronis:cyber_infrastructure::::::::
	cpe:2.3:a:acronis:cyber_infrastructure::::::::

No data.

References

Link	Providers
https://security-advisory.acronis.com/advisories/SEC-6452
https://www.securityweek.com/acronis-product-vulnerability-exploited-in-the-wild/

History

Mon, 12 Aug 2024 22:15:00 +0000

Type	Values Removed	Values Added
CPEs	cpe:2.3:a:acronis:cyber_infrastructure:5.1.1:::::::* cpe:2.3:a:acronis:cyber_infrastructure:5.2.1:::::::* cpe:2.3:a:acronis:cyber_infrastructure:5.3.1:::::::* cpe:2.3:a:acronis:cyber_infrastructure:5.4.4:::::::*
Metrics	kev `{'dateAdded': '2024-07-29'}` ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Acronis

Published: 2024-07-24T14:03:56.481Z

Updated: 2024-08-22T03:55:09.597Z

Reserved: 2023-10-05T21:47:00.379Z

Link: CVE-2023-45249

Vulnrichment

Updated: 2024-08-02T20:14:19.863Z

NVD

Status : Analyzed

Published: 2024-07-24T14:15:04.867

Modified: 2024-07-30T14:34:18.393

Link: CVE-2023-45249

Redhat

No data.

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2023-45249", "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "state": "PUBLISHED", "assignerShortName": "Acronis", "dateReserved": "2023-10-05T21:47:00.379Z", "datePublished": "2024-07-24T14:03:56.481Z", "dateUpdated": "2024-08-22T03:55:09.597Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "shortName": "Acronis", "dateUpdated": "2024-07-24T14:03:56.481Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-1393", "description": "CWE-1393", "type": "CWE"}]}], "affected": [{"vendor": "Acronis", "product": "Acronis Cyber Infrastructure", "platforms": ["ACI"], "versions": [{"version": "unspecified", "status": "affected", "lessThan": "5.0.1-61", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Acronis", "product": "Acronis Cyber Infrastructure", "platforms": ["ACI"], "versions": [{"version": "unspecified", "status": "affected", "lessThan": "5.1.1-71", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Acronis", "product": "Acronis Cyber Infrastructure", "platforms": ["ACI"], "versions": [{"version": "unspecified", "status": "affected", "lessThan": "5.2.1-69", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Acronis", "product": "Acronis Cyber Infrastructure", "platforms": ["ACI"], "versions": [{"version": "unspecified", "status": "affected", "lessThan": "5.3.1-53", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Acronis", "product": "Acronis Cyber Infrastructure", "platforms": ["ACI"], "versions": [{"version": "unspecified", "status": "affected", "lessThan": "5.4.4-132", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, Acronis Cyber Infrastructure (ACI) before build 5.1.1-71, Acronis Cyber Infrastructure (ACI) before build 5.2.1-69, Acronis Cyber Infrastructure (ACI) before build 5.3.1-53, Acronis Cyber Infrastructure (ACI) before build 5.4.4-132."}], "references": [{"url": "https://security-advisory.acronis.com/advisories/SEC-6452", "name": "SEC-6452", "tags": ["vendor-advisory"]}, {"url": "https://www.securityweek.com/acronis-product-vulnerability-exploited-in-the-wild/"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_0": {"version": "3.0", "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}]}, "adp": [{"affected": [{"vendor": "acronis", "product": "cyber_infrastructure", "cpes": ["cpe:2.3:a:acronis:cyber_infrastructure:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThan": "5.0.1-61", "versionType": "semver"}, {"version": "5.1.1", "status": "affected", "lessThan": "5.1.1-71", "versionType": "semver"}, {"version": "5.2.1", "status": "affected", "lessThan": "5.2.1-69", "versionType": "semver"}, {"version": "5.3.1", "status": "affected", "lessThan": "5.3.1-53", "versionType": "semver"}, {"version": "5.4.4", "status": "affected", "lessThan": "5.4.4-132", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-26T00:00:00+00:00", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2023-45249"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2024-07-29", "reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-22T03:55:09.597Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T20:14:19.863Z"}, "title": "CVE Program Container", "references": [{"url": "https://security-advisory.acronis.com/advisories/SEC-6452", "name": "SEC-6452", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://www.securityweek.com/acronis-product-vulnerability-exploited-in-the-wild/", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://security-advisory.acronis.com/advisories/SEC-6452", "name": "SEC-6452", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://www.securityweek.com/acronis-product-vulnerability-exploited-in-the-wild/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T20:14:19.863Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-45249", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-29T19:04:16.364598Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2024-07-29", "reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"}}}], "affected": [{"cpes": ["cpe:2.3:a:acronis:cyber_infrastructure:*:*:*:*:*:*:*:*"], "vendor": "acronis", "product": "cyber_infrastructure", "versions": [{"status": "affected", "version": "0", "lessThan": "5.0.1-61", "versionType": "semver"}, {"status": "affected", "version": "5.1.1", "lessThan": "5.1.1-71", "versionType": "semver"}, {"status": "affected", "version": "5.2.1", "lessThan": "5.2.1-69", "versionType": "semver"}, {"status": "affected", "version": "5.3.1", "lessThan": "5.3.1-53", "versionType": "semver"}, {"status": "affected", "version": "5.4.4", "lessThan": "5.4.4-132", "versionType": "semver"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-25T18:10:07.414Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Acronis", "product": "Acronis Cyber Infrastructure", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "5.0.1-61", "versionType": "semver"}], "platforms": ["ACI"], "defaultStatus": "unaffected"}, {"vendor": "Acronis", "product": "Acronis Cyber Infrastructure", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "5.1.1-71", "versionType": "semver"}], "platforms": ["ACI"], "defaultStatus": "unaffected"}, {"vendor": "Acronis", "product": "Acronis Cyber Infrastructure", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "5.2.1-69", "versionType": "semver"}], "platforms": ["ACI"], "defaultStatus": "unaffected"}, {"vendor": "Acronis", "product": "Acronis Cyber Infrastructure", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "5.3.1-53", "versionType": "semver"}], "platforms": ["ACI"], "defaultStatus": "unaffected"}, {"vendor": "Acronis", "product": "Acronis Cyber Infrastructure", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "5.4.4-132", "versionType": "semver"}], "platforms": ["ACI"], "defaultStatus": "unaffected"}], "references": [{"url": "https://security-advisory.acronis.com/advisories/SEC-6452", "name": "SEC-6452", "tags": ["vendor-advisory"]}, {"url": "https://www.securityweek.com/acronis-product-vulnerability-exploited-in-the-wild/"}], "descriptions": [{"lang": "en", "value": "Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, Acronis Cyber Infrastructure (ACI) before build 5.1.1-71, Acronis Cyber Infrastructure (ACI) before build 5.2.1-69, Acronis Cyber Infrastructure (ACI) before build 5.3.1-53, Acronis Cyber Infrastructure (ACI) before build 5.4.4-132."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1393", "description": "CWE-1393"}]}], "providerMetadata": {"orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "shortName": "Acronis", "dateUpdated": "2024-07-24T14:03:56.481Z"}}}, "cveMetadata": {"cveId": "CVE-2023-45249", "state": "PUBLISHED", "dateUpdated": "2024-08-22T03:55:09.597Z", "dateReserved": "2023-10-05T21:47:00.379Z", "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "datePublished": "2024-07-24T14:03:56.481Z", "assignerShortName": "Acronis"}, "dataVersion": "5.1"}

{"cisaActionDue": "2024-08-19", "cisaExploitAdd": "2024-07-29", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "Acronis Cyber Infrastructure (ACI) Insecure Default Password Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:acronis:cyber_infrastructure:*:*:*:*:*:*:*:*", "matchCriteriaId": "1A50BD85-127D-48B6-BEDE-00CA3BAFCBAD", "versionEndExcluding": "5.0.1-61", "vulnerable": true}, {"criteria": "cpe:2.3:a:acronis:cyber_infrastructure:*:*:*:*:*:*:*:*", "matchCriteriaId": "E5337751-14F1-4E10-80F3-EF7ED6D4B2B1", "versionEndExcluding": "5.1.1-71", "versionStartIncluding": "5.1.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:acronis:cyber_infrastructure:*:*:*:*:*:*:*:*", "matchCriteriaId": "29CDCE6A-0B62-4FE6-8033-0C790B81BF6A", "versionEndExcluding": "5.2.1-69", "versionStartIncluding": "5.2.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:acronis:cyber_infrastructure:*:*:*:*:*:*:*:*", "matchCriteriaId": "6125F2EC-7736-4088-AA1F-3017713AB03E", "versionEndExcluding": "5.3.1-53", "versionStartIncluding": "5.3.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:acronis:cyber_infrastructure:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC427A5A-F1D5-4DEA-A005-BC4676668571", "versionEndExcluding": "5.4.4-132", "versionStartIncluding": "5.4.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, Acronis Cyber Infrastructure (ACI) before build 5.1.1-71, Acronis Cyber Infrastructure (ACI) before build 5.2.1-69, Acronis Cyber Infrastructure (ACI) before build 5.3.1-53, Acronis Cyber Infrastructure (ACI) before build 5.4.4-132."}, {"lang": "es", "value": "Ejecuci\u00f3n remota de comandos debido al uso de contrase\u00f1as predeterminadas. Los siguientes productos se ven afectados: Acronis Cyber Infrastructure (ACI) anterior a la compilaci\u00f3n 5.0.1-61, Acronis Cyber Infrastructure (ACI) anterior a la compilaci\u00f3n 5.1.1-71, Acronis Cyber Infrastructure (ACI) anterior a la compilaci\u00f3n 5.2.1-69, Acronis Cyber Infraestructura (ACI) anterior a la compilaci\u00f3n 5.3.1-53, Acronis Cyber Infrastructure (ACI) anterior a la compilaci\u00f3n 5.4.4-132."}], "id": "CVE-2023-45249", "lastModified": "2024-07-30T14:34:18.393", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security@acronis.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-24T14:15:04.867", "references": [{"source": "security@acronis.com", "tags": ["Vendor Advisory"], "url": "https://security-advisory.acronis.com/advisories/SEC-6452"}, {"source": "security@acronis.com", "tags": ["Press/Media Coverage"], "url": "https://www.securityweek.com/acronis-product-vulnerability-exploited-in-the-wild/"}], "sourceIdentifier": "security@acronis.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-1393"}], "source": "security@acronis.com", "type": "Secondary"}]}