Vulnerabilities > Acronis > Cyber Protect

DATE CVE VULNERABILITY TITLE RISK
2021-11-29 CVE-2021-44202 Cross-site Scripting vulnerability in Acronis Cyber Protect 15
Stored cross-site scripting (XSS) was possible in activity details.
network
low complexity
acronis CWE-79
5.4
5.4
2021-11-29 CVE-2021-44203 Cross-site Scripting vulnerability in Acronis Cyber Protect 15
Stored cross-site scripting (XSS) was possible in protection plan details.
network
low complexity
acronis CWE-79
5.4
5.4
2021-08-12 CVE-2021-38086 Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect 15
Acronis Cyber Protect 15 for Windows prior to build 27009 and Acronis Agent for Windows prior to build 26226 allowed local privilege escalation via DLL hijacking.
local
low complexity
acronis CWE-427
7.8
7.8
2021-08-12 CVE-2021-38087 Cross-site Scripting vulnerability in Acronis Cyber Protect 15
Reflected cross-site scripting (XSS) was possible on the login page in Acronis Cyber Protect 15 prior to build 27009.
network
low complexity
acronis CWE-79
6.1
6.1
2021-08-12 CVE-2021-38088 Unspecified vulnerability in Acronis Cyber Protect 15
Acronis Cyber Protect 15 for Windows prior to build 27009 allowed local privilege escalation via binary hijacking.
local
low complexity
acronis
7.8
7.8
2021-02-22 CVE-2020-35664 Cross-site Scripting vulnerability in Acronis Cyber Protect 15
An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172.
network
low complexity
acronis CWE-79
6.1
6.1
2021-02-22 CVE-2020-35556 Unspecified vulnerability in Acronis Cyber Protect 15
An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172.
network
low complexity
acronis
7.5
7.5
2020-10-21 CVE-2020-10138 Improper Initialization vulnerability in Acronis Cyber Backup and Cyber Protect
Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\.
local
low complexity
acronis CWE-665
7.8
7.8