Vulnerabilities > Acronis > Cyber Protect

DATE CVE VULNERABILITY TITLE RISK
2022-05-18 CVE-2022-30991 Cross-site Scripting vulnerability in Acronis Cyber Protect 15
HTML injection via report name.
network
low complexity
acronis CWE-79
6.1
6.1
2022-05-18 CVE-2022-30992 Open Redirect vulnerability in Acronis Cyber Protect 15
Open redirect via user-controlled query parameter.
network
acronis CWE-601
5.8
5.8
2022-05-18 CVE-2022-30993 Cleartext Transmission of Sensitive Information vulnerability in Acronis Cyber Protect 15
Cleartext transmission of sensitive information.
network
low complexity
acronis CWE-319
5.0
5.0
2022-05-18 CVE-2022-30994 Cleartext Transmission of Sensitive Information vulnerability in Acronis Cyber Protect 15
Cleartext transmission of sensitive information.
network
low complexity
acronis CWE-319
5.0
5.0
2022-02-04 CVE-2021-44204 Unspecified vulnerability in Acronis products
Local privilege escalation via named pipe due to improper access control checks.
local
low complexity
acronis
4.6
4.6
2022-02-04 CVE-2022-24113 Incorrect Default Permissions vulnerability in Acronis products
Local privilege escalation due to excessive permissions assigned to child processes.
local
low complexity
acronis CWE-276
4.6
4.6
2021-11-29 CVE-2021-44198 Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect 15
DLL hijacking could lead to local privilege escalation. 		4.4
4.4
2021-11-29 CVE-2021-44199 Uncontrolled Search Path Element vulnerability in Acronis Agent, Cyber Protect and Cyber Protect Home Office
DLL hijacking could lead to denial of service. 		1.9
1.9
2021-11-29 CVE-2021-44200 Cross-site Scripting vulnerability in Acronis Cyber Protect 15
Self cross-site scripting (XSS) was possible on devices page.
network
acronis CWE-79
3.5
3.5
2021-11-29 CVE-2021-44201 Cross-site Scripting vulnerability in Acronis Cyber Protect 15
Cross-site scripting (XSS) was possible in notification pop-ups.
network
acronis CWE-79
4.3
4.3