Vulnerabilities > Acronis > Cyber Protect > 15

DATE CVE VULNERABILITY TITLE RISK
2025-01-02 CVE-2024-55540 Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect 15/16
Local privilege escalation due to DLL hijacking vulnerability.
local
low complexity
acronis CWE-427
7.8
7.8
2025-01-02 CVE-2024-55541 Cross-site Scripting vulnerability in Acronis Cyber Protect 15/16
Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage.
network
low complexity
acronis CWE-79
6.1
6.1
2025-01-02 CVE-2024-55543 Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect 15/16
Local privilege escalation due to DLL hijacking vulnerability.
local
low complexity
acronis CWE-427
7.8
7.8
2024-07-16 CVE-2022-45449 Unspecified vulnerability in Acronis Cyber Protect 15
Sensitive information disclosure due to excessive privileges assigned to Acronis Agent.
network
low complexity
acronis
6.5
6.5
2024-02-27 CVE-2023-48678 Unspecified vulnerability in Acronis Cyber Protect 15
Sensitive information disclosure due to insecure folder permissions.
local
low complexity
acronis
5.5
5.5
2024-02-27 CVE-2023-48679 Unspecified vulnerability in Acronis Cyber Protect 15
Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage.
network
low complexity
acronis
5.4
5.4
2024-02-27 CVE-2023-48680 Unspecified vulnerability in Acronis Cyber Protect 15
Sensitive information disclosure due to excessive collection of system information.
local
low complexity
acronis
5.5
5.5
2024-02-27 CVE-2023-48681 Unspecified vulnerability in Acronis Cyber Protect 15
Self cross-site scripting (XSS) vulnerability in storage nodes search field.
network
low complexity
acronis
6.1
6.1
2024-02-27 CVE-2023-48682 Unspecified vulnerability in Acronis Cyber Protect 15
Stored cross-site scripting (XSS) vulnerability in unit name.
network
low complexity
acronis
5.4
5.4
2023-09-27 CVE-2023-44152 Unspecified vulnerability in Acronis Cyber Protect 15
Sensitive information disclosure and manipulation due to improper authentication.
network
low complexity
acronis
critical
 9.1
9.1