CVE-2023-45249

CRITICAL Year: 2023
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-1393
View all →

Vulnerability Description

Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, Acronis Cyber Infrastructure (ACI) before build 5.1.1-71, Acronis Cyber Infrastructure (ACI) before build 5.2.1-69, Acronis Cyber Infrastructure (ACI) before build 5.3.1-53, Acronis Cyber Infrastructure (ACI) before build 5.4.4-132.

Related Vulnerabilities

CVE-2022-4126

CRITICAL
CVSS:9.8(Critical)

Use of Default Password vulnerability in ABB RCCMD on Windows, Linux, MacOS allows Try Common or Default Usernames and Passwords.This issue affects RCCMD: before 4.40 230207.

CWE-13932022

CVE-2023-25131

CRITICAL
CVSS:9.8(Critical)

Use of default password vulnerability in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remot...

CWE-13932023

CVE-2023-28094

CRITICAL
CVSS:9.8(Critical)

Pega platform clients who are using versions 7.4 through 8.8.x and have upgraded from a version prior to 8.x may be utilizing default credentials.

CWE-13932023

CVE-2023-32090

CRITICAL
CVSS:9.8(Critical)

Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentials

CWE-13932023

CVE-2024-29666

CRITICAL
CVSS:9.8(Critical)

Insecure Permissions vulnerability in Vehicle Monitoring platform system CMSV6 v.7.31.0.2 through v.7.32.0.3 allows a remote attacker to escalate privileges via the default password component.

CWE-13932024

CVE-2024-30802

CRITICAL
CVSS:9.8(Critical)

An issue in Vehicle Management System 7.31.0.3_20230412 allows an attacker to escalate privileges via the login.html component.

CWE-13932024