CVE-2023-45249
CRITICALCVSS v3
9.8
CRITICAL
EPSS Score
93.2%
exploit probability
CISA KEV
No
known exploited
Exploitation
—
SSVC status
Description
Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, Acronis Cyber Infrastructure (ACI) before build 5.1.1-71, Acronis Cyber Infrastructure (ACI) before build 5.2.1-69, Acronis Cyber Infrastructure (ACI) before build 5.3.1-53, Acronis Cyber Infrastructure (ACI) before build 5.4.4-132.
Technical Details
- Published
- 7/24/2024
Frequently Asked Questions
What is CVE-2023-45249?
Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, Acronis Cyber Infrastructure (ACI) before build 5.1.1-71, Acronis Cyber Infrastructure (ACI) before build 5.2.1-69, Acronis Cyber Infrastructure (ACI) before build 5.3.1-53, Acronis Cyber Infrastructure (ACI) before build 5.4.4-132.
Is CVE-2023-45249 actively exploited?
Active exploitation of CVE-2023-45249 has not been confirmed. The EPSS score is 93.2%, indicating the estimated probability of exploitation in the next 30 days.
What is the CVSS score for CVE-2023-45249?
CVE-2023-45249 has a CVSS v3 base score of 9.8 (CRITICAL severity).
Is CVE-2023-45249 affecting your environment?
Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.