Vulnerabilities > Acronis > Cyber Protect
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2025-01-02 | CVE-2024-55540 | Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect 15/16 Local privilege escalation due to DLL hijacking vulnerability. | 7.8 |
2025-01-02 | CVE-2024-55541 | Cross-site Scripting vulnerability in Acronis Cyber Protect 15/16 Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. | 6.1 |
2025-01-02 | CVE-2024-55543 | Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect 15/16 Local privilege escalation due to DLL hijacking vulnerability. | 7.8 |
2024-10-15 | CVE-2024-49382 | Unspecified vulnerability in Acronis Cyber Protect 16 Excessive attack surface in archive-server service due to binding to an unrestricted IP address. low complexity acronis | 4.3 |
2024-10-15 | CVE-2024-49383 | Unspecified vulnerability in Acronis Cyber Protect 16 Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. low complexity acronis | 4.3 |
2024-10-15 | CVE-2024-49384 | Unspecified vulnerability in Acronis Cyber Protect 16 Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. low complexity acronis | 4.3 |
2024-10-15 | CVE-2024-49387 | Cleartext Transmission of Sensitive Information vulnerability in Acronis Cyber Protect 16 Cleartext transmission of sensitive information in acep-collector service. | 7.5 |
2024-10-15 | CVE-2024-49388 | Authorization Bypass Through User-Controlled Key vulnerability in Acronis Cyber Protect 16 Sensitive information manipulation due to improper authorization. | 9.1 |
2024-07-16 | CVE-2022-45449 | Unspecified vulnerability in Acronis Cyber Protect 15 Sensitive information disclosure due to excessive privileges assigned to Acronis Agent. | 6.5 |
2024-02-27 | CVE-2023-48678 | Unspecified vulnerability in Acronis Cyber Protect 15 Sensitive information disclosure due to insecure folder permissions. | 5.5 |