Vulnerabilities > Acronis > Cyber Protect

DATE CVE VULNERABILITY TITLE RISK
2025-01-02 CVE-2024-55540 Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect 15/16
Local privilege escalation due to DLL hijacking vulnerability.
local
low complexity
acronis CWE-427
7.8
7.8
2025-01-02 CVE-2024-55541 Cross-site Scripting vulnerability in Acronis Cyber Protect 15/16
Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage.
network
low complexity
acronis CWE-79
6.1
6.1
2025-01-02 CVE-2024-55543 Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect 15/16
Local privilege escalation due to DLL hijacking vulnerability.
local
low complexity
acronis CWE-427
7.8
7.8
2024-10-15 CVE-2024-49382 Unspecified vulnerability in Acronis Cyber Protect 16
Excessive attack surface in archive-server service due to binding to an unrestricted IP address.
low complexity
acronis
4.3
4.3
2024-10-15 CVE-2024-49383 Unspecified vulnerability in Acronis Cyber Protect 16
Excessive attack surface in acep-importer service due to binding to an unrestricted IP address.
low complexity
acronis
4.3
4.3
2024-10-15 CVE-2024-49384 Unspecified vulnerability in Acronis Cyber Protect 16
Excessive attack surface in acep-collector service due to binding to an unrestricted IP address.
low complexity
acronis
4.3
4.3
2024-10-15 CVE-2024-49387 Cleartext Transmission of Sensitive Information vulnerability in Acronis Cyber Protect 16
Cleartext transmission of sensitive information in acep-collector service.
network
low complexity
acronis CWE-319
7.5
7.5
2024-10-15 CVE-2024-49388 Authorization Bypass Through User-Controlled Key vulnerability in Acronis Cyber Protect 16
Sensitive information manipulation due to improper authorization.
network
low complexity
acronis CWE-639
critical
 9.1
9.1
2024-07-16 CVE-2022-45449 Unspecified vulnerability in Acronis Cyber Protect 15
Sensitive information disclosure due to excessive privileges assigned to Acronis Agent.
network
low complexity
acronis
6.5
6.5
2024-02-27 CVE-2023-48678 Unspecified vulnerability in Acronis Cyber Protect 15
Sensitive information disclosure due to insecure folder permissions.
local
low complexity
acronis
5.5
5.5