adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Apply suggestions from code review

Browse Source 
Co-authored-by: bcoles <bcoles@gmail.com>
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
This commit is contained in:
H00die.Gr3y
2024-09-17 19:00:48 +02:00
committed by GitHub
parent 86c8879270
commit d7fa23f30f
2 changed files with 25 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files
documentation/modules/exploit/linux/http/acronis_cyber_infra_cve_2023_45249.md
+1 -1
View File
@@ -118,7 +118,7 @@ Description:
cloud-native applications in production environments.
This module exploits a default password vulnerability in ACI which allow an attacker to access
the ACI PostgreSQL database and gain administrative access to the ACI Web Portal.
This opens the door for the attacker to upload ssh keys that enables root acces
This opens the door for the attacker to upload SSH keys that enables root access
to the appliance/server. This attack can be remotely executed over the WAN as long as the
PostgreSQL and SSH services are exposed to the outside world.
ACI versions 5.0 before build 5.0.1-61, 5.1 before build 5.1.1-71, 5.2 before build 5.2.1-69,