Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2025-01-02	CVE-2024-55541	Cross-site Scripting vulnerability in Acronis Cyber Protect 15/16 Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. network low complexity acronis CWE-79	6.1
2024-10-15	CVE-2024-49382	Unspecified vulnerability in Acronis Cyber Protect 16 Excessive attack surface in archive-server service due to binding to an unrestricted IP address. low complexity acronis	4.3
2024-10-15	CVE-2024-49383	Unspecified vulnerability in Acronis Cyber Protect 16 Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. low complexity acronis	4.3
2024-10-15	CVE-2024-49384	Unspecified vulnerability in Acronis Cyber Protect 16 Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. low complexity acronis	4.3
2024-07-16	CVE-2022-45449	Unspecified vulnerability in Acronis Cyber Protect 15 Sensitive information disclosure due to excessive privileges assigned to Acronis Agent. network low complexity acronis	6.5
2024-02-27	CVE-2023-48678	Unspecified vulnerability in Acronis Cyber Protect 15 Sensitive information disclosure due to insecure folder permissions. local low complexity acronis	5.5
2024-02-27	CVE-2023-48679	Unspecified vulnerability in Acronis Cyber Protect 15 Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. network low complexity acronis	5.4
2024-02-27	CVE-2023-48680	Unspecified vulnerability in Acronis Cyber Protect 15 Sensitive information disclosure due to excessive collection of system information. local low complexity acronis	5.5
2024-02-27	CVE-2023-48681	Unspecified vulnerability in Acronis Cyber Protect 15 Self cross-site scripting (XSS) vulnerability in storage nodes search field. network low complexity acronis	6.1
2024-02-27	CVE-2023-48682	Unspecified vulnerability in Acronis Cyber Protect 15 Stored cross-site scripting (XSS) vulnerability in unit name. network low complexity acronis	5.4