Vulnerabilities > Acronis
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-17 | CVE-2024-49386 | Privacy Violation vulnerability in Acronis Cyber Files Sensitive information disclosure due to spell-jacking. | 5.7 |
| 2024-10-17 | CVE-2024-49389 | Incorrect Default Permissions vulnerability in Acronis Cyber Files Local privilege escalation due to insecure folder permissions. | 7.8 |
| 2024-10-17 | CVE-2024-49390 | Uncontrolled Search Path Element vulnerability in Acronis Cyber Files Local privilege escalation due to DLL hijacking vulnerability. | 7.3 |
| 2024-10-17 | CVE-2024-49391 | Uncontrolled Search Path Element vulnerability in Acronis Cyber Files Local privilege escalation due to DLL hijacking vulnerability. | 7.3 |
| 2024-10-17 | CVE-2024-49392 | Cross-site Scripting vulnerability in Acronis Cyber Files Stored cross-site scripting (XSS) vulnerability on enrollment invitation page. | 4.8 |
| 2024-10-15 | CVE-2024-49382 | Unspecified vulnerability in Acronis Cyber Protect 16 Excessive attack surface in archive-server service due to binding to an unrestricted IP address. low complexity acronis | 4.3 |
| 2024-10-15 | CVE-2024-49383 | Unspecified vulnerability in Acronis Cyber Protect 16 Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. low complexity acronis | 4.3 |
| 2024-10-15 | CVE-2024-49384 | Unspecified vulnerability in Acronis Cyber Protect 16 Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. low complexity acronis | 4.3 |
| 2024-10-15 | CVE-2024-49387 | Cleartext Transmission of Sensitive Information vulnerability in Acronis Cyber Protect 16 Cleartext transmission of sensitive information in acep-collector service. | 7.5 |
| 2024-10-15 | CVE-2024-49388 | Authorization Bypass Through User-Controlled Key vulnerability in Acronis Cyber Protect 16 Sensitive information manipulation due to improper authorization. | 9.1 |