# Advisory on CVE-2023-45247
## Sensitive information disclosure and manipulation due to missing authorization
On October 9, 2023, Acronis disclosed a vulnerability in its Acronis Agent for Linux, Mac, and Windows. This vulnerability may allow an unauthorized attacker to view and manipulate antivirus and antimalware protection plans applied to a specific agent. [CVE-2023-45247](https://nvd.nist.gov/vuln/detail/CVE-2023-45247) ID has been assigned to this vulnerability and classified as having high severity.
## Impacted IONOS Cloud products
| Product Ranges | Product | Impacted | Mitigated | Patch Status |
| ---------------- | -------------------------------------------------------------------------------------------------------------------------------- | -------- | -------------- | -------------- |
| Storage & Backup | [Backup Service](https://docs.ionos.com/sections-test/guides/storage-and-backup/backup-service) | No | Not applicable | Not applicable |
| Storage & Backup | Acronis Agent for Windows, Linux, and Mac | Yes | Yes | Done |
## What action has IONOS Cloud taken to mitigate the severity?
IONOS and Acronis are in constant communication to gain a deeper understanding of this vulnerability and also ensure that:
* There are no signs of active exploitation resulting from the vulnerability. For more information, see [Acronis Cyber Protect Cloud Agent update C23.10](https://security-advisory.acronis.com/updates/UPD-2310-1f44-6b41).
* The vulnerability does not allow unauthorized access to IONOS Cloud customers’ backup data. IONOS Cloud will publish the non-vulnerable versions of agents when Acronis shares the information, estimated to be by the end of November 2023.
## How can I get help?
If you have further questions or concerns about this vulnerability, contact [IONOS Cloud Support](https://docs.ionos.com/cloud/support/general-information/contact-information).