Vulnerabilities > Acronis > Cyber Protect > 16
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2025-01-02 | CVE-2024-55540 | Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect 15/16 Local privilege escalation due to DLL hijacking vulnerability. | 7.8 |
2025-01-02 | CVE-2024-55541 | Cross-site Scripting vulnerability in Acronis Cyber Protect 15/16 Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. | 6.1 |
2025-01-02 | CVE-2024-55543 | Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect 15/16 Local privilege escalation due to DLL hijacking vulnerability. | 7.8 |
2024-10-15 | CVE-2024-49382 | Unspecified vulnerability in Acronis Cyber Protect 16 Excessive attack surface in archive-server service due to binding to an unrestricted IP address. low complexity acronis | 4.3 |
2024-10-15 | CVE-2024-49383 | Unspecified vulnerability in Acronis Cyber Protect 16 Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. low complexity acronis | 4.3 |
2024-10-15 | CVE-2024-49384 | Unspecified vulnerability in Acronis Cyber Protect 16 Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. low complexity acronis | 4.3 |
2024-10-15 | CVE-2024-49387 | Cleartext Transmission of Sensitive Information vulnerability in Acronis Cyber Protect 16 Cleartext transmission of sensitive information in acep-collector service. | 7.5 |
2024-10-15 | CVE-2024-49388 | Authorization Bypass Through User-Controlled Key vulnerability in Acronis Cyber Protect 16 Sensitive information manipulation due to improper authorization. | 9.1 |