Vulnerabilities > Acronis
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-21 | CVE-2020-10138 | Improper Initialization vulnerability in Acronis Cyber Backup and Cyber Protect Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\. | 7.2 |
| 2020-09-21 | CVE-2020-16171 | Server-Side Request Forgery (SSRF) vulnerability in Acronis Cyber Backup 12.5 An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342. | 6.4 |
| 2017-06-21 | CVE-2017-3219 | Insufficient Verification of Data Authenticity vulnerability in Acronis True Image Acronis True Image up to and including version 2017 Build 8053 performs software updates using HTTP. | 8.3 |
| 2008-08-13 | CVE-2008-3671 | Cryptographic Issues vulnerability in Acronis True Image Echo Server 9.5.8072 Acronis True Image Echo Server 9.x build 8072 on Linux does not properly encrypt backups to an FTP server, which allows remote attackers to obtain sensitive information. | 5.0 |
| 2008-03-20 | CVE-2008-1411 | Improper Input Validation vulnerability in Acronis Snap Deploy 2.0.0.1076 The PXE Server (pxesrv.exe) in Acronis Snap Deploy 2.0.0.1076 and earlier allows remote attackers to cause a denial of service (crash) via an incomplete TFTP request, which triggers a NULL pointer dereference. | 5.0 |
| 2008-03-20 | CVE-2008-1410 | Path Traversal vulnerability in Acronis Snap Deploy 2.0.0.1076 Directory traversal vulnerability in the PXE Server (pxesrv.exe) in Acronis Snap Deploy 2.0.0.1076 and earlier allows remote attackers to read arbitrary files via directory traversal sequences to the TFTP service. | 4.3 |
| 2008-03-10 | CVE-2008-1280 | Improper Input Validation vulnerability in Acronis True Image and True Image Windows Agent Acronis True Image Windows Agent 1.0.0.54 and earlier, included in Acronis True Image Enterprise Server 9.5.0.8072 and the other True Image packages, allows remote attackers to cause a denial of service (crash) via a malformed packet to port 9876, which triggers a NULL pointer dereference. | 5.0 |
| 2008-03-10 | CVE-2008-1279 | Improper Input Validation vulnerability in Acronis True Image Acronis True Image Group Server 1.5.19.191 and earlier, included in Acronis True Image Enterprise Server 9.5.0.8072 and the other True Image packages, allows remote attackers to cause a denial of service (crash) via a packet with an invalid length field, which causes an out-of-bounds read. | 5.0 |