Vulnerabilities > Acronis > Cyber Protect

DATE CVE VULNERABILITY TITLE RISK
2024-10-15 CVE-2024-49382 Unspecified vulnerability in Acronis Cyber Protect 16
Excessive attack surface in archive-server service due to binding to an unrestricted IP address.
low complexity
acronis
4.3
4.3
2024-10-15 CVE-2024-49383 Unspecified vulnerability in Acronis Cyber Protect 16
Excessive attack surface in acep-importer service due to binding to an unrestricted IP address.
low complexity
acronis
4.3
4.3
2024-10-15 CVE-2024-49384 Unspecified vulnerability in Acronis Cyber Protect 16
Excessive attack surface in acep-collector service due to binding to an unrestricted IP address.
low complexity
acronis
4.3
4.3
2024-10-15 CVE-2024-49387 Cleartext Transmission of Sensitive Information vulnerability in Acronis Cyber Protect 16
Cleartext transmission of sensitive information in acep-collector service.
network
low complexity
acronis CWE-319
7.5
7.5
2024-10-15 CVE-2024-49388 Authorization Bypass Through User-Controlled Key vulnerability in Acronis Cyber Protect 16
Sensitive information manipulation due to improper authorization.
network
low complexity
acronis CWE-639
critical
 9.1
9.1
2024-02-27 CVE-2023-48678 Unspecified vulnerability in Acronis Cyber Protect 15
Sensitive information disclosure due to insecure folder permissions.
local
low complexity
acronis
5.5
5.5
2024-02-27 CVE-2023-48679 Unspecified vulnerability in Acronis Cyber Protect 15
Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage.
network
low complexity
acronis
5.4
5.4
2024-02-27 CVE-2023-48680 Unspecified vulnerability in Acronis Cyber Protect 15
Sensitive information disclosure due to excessive collection of system information.
local
low complexity
acronis
5.5
5.5
2024-02-27 CVE-2023-48681 Unspecified vulnerability in Acronis Cyber Protect 15
Self cross-site scripting (XSS) vulnerability in storage nodes search field.
network
low complexity
acronis
6.1
6.1
2024-02-27 CVE-2023-48682 Unspecified vulnerability in Acronis Cyber Protect 15
Stored cross-site scripting (XSS) vulnerability in unit name.
network
low complexity
acronis
5.4
5.4