Vulnerabilities > CVE-2024-49384 - Unspecified vulnerability in Acronis Cyber Protect 16

CVSS 4.3 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

low complexity

acronis

NVD

Published: 2024-10-15

Updated: 2024-10-16

Summary

Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.

Vulnerable Configurations

Part	Description	Count
Application	Acronis Acronis Cyber Protect 16	2
OS	Linux Linux Linux Kernel -	1
OS	Microsoft Microsoft Windows -	1

References

https://security-advisory.acronis.com/advisories/SEC-7284