Vulnerabilities > Acronis > Cyber Protect > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-15 | CVE-2024-49382 | Unspecified vulnerability in Acronis Cyber Protect 16 Excessive attack surface in archive-server service due to binding to an unrestricted IP address. low complexity acronis | 4.3 |
| 2024-10-15 | CVE-2024-49383 | Unspecified vulnerability in Acronis Cyber Protect 16 Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. low complexity acronis | 4.3 |
| 2024-10-15 | CVE-2024-49384 | Unspecified vulnerability in Acronis Cyber Protect 16 Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. low complexity acronis | 4.3 |
| 2023-09-27 | CVE-2023-44160 | Cross-Site Request Forgery (CSRF) vulnerability in Acronis Cyber Protect 15 Sensitive information manipulation due to cross-site request forgery. | 6.5 |
| 2023-09-27 | CVE-2023-44161 | Cross-Site Request Forgery (CSRF) vulnerability in Acronis Cyber Protect 15 Sensitive information manipulation due to cross-site request forgery. | 6.5 |
| 2023-09-27 | CVE-2023-44205 | Authorization Bypass Through User-Controlled Key vulnerability in Acronis Cyber Protect 15 Sensitive information disclosure due to improper authorization. | 5.3 |
| 2023-09-27 | CVE-2023-44207 | Cross-site Scripting vulnerability in Acronis Cyber Protect 15 Stored cross-site scripting (XSS) vulnerability in protection plan name. | 5.4 |
| 2023-08-31 | CVE-2023-41745 | Exposure of Resource to Wrong Sphere vulnerability in Acronis Agent and Cyber Protect Sensitive information disclosure due to excessive collection of system information. | 5.5 |
| 2022-05-18 | CVE-2022-30991 | Cross-site Scripting vulnerability in Acronis Cyber Protect 15 HTML injection via report name. | 6.1 |
| 2022-05-18 | CVE-2022-30992 | Open Redirect vulnerability in Acronis Cyber Protect 15 Open redirect via user-controlled query parameter. | 6.1 |