Vulnerabilities > Acronis > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-17 | CVE-2024-49386 | Privacy Violation vulnerability in Acronis Cyber Files Sensitive information disclosure due to spell-jacking. | 5.7 |
| 2024-10-17 | CVE-2024-49392 | Cross-site Scripting vulnerability in Acronis Cyber Files Stored cross-site scripting (XSS) vulnerability on enrollment invitation page. | 4.8 |
| 2024-10-15 | CVE-2024-49382 | Unspecified vulnerability in Acronis Cyber Protect 16 Excessive attack surface in archive-server service due to binding to an unrestricted IP address. low complexity acronis | 4.3 |
| 2024-10-15 | CVE-2024-49383 | Unspecified vulnerability in Acronis Cyber Protect 16 Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. low complexity acronis | 4.3 |
| 2024-10-15 | CVE-2024-49384 | Unspecified vulnerability in Acronis Cyber Protect 16 Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. low complexity acronis | 4.3 |
| 2024-08-29 | CVE-2024-34018 | Incorrect Default Permissions vulnerability in Acronis Snap Deploy 6 Sensitive information disclosure due to insecure folder permissions. | 5.5 |
| 2024-06-14 | CVE-2024-34012 | Unspecified vulnerability in Acronis Cloud Manager Local privilege escalation due to insecure folder permissions. | 4.4 |
| 2024-02-27 | CVE-2023-48678 | Unspecified vulnerability in Acronis Cyber Protect 15 Sensitive information disclosure due to insecure folder permissions. | 5.5 |
| 2024-02-27 | CVE-2023-48679 | Unspecified vulnerability in Acronis Cyber Protect 15 Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. | 5.4 |
| 2024-02-27 | CVE-2023-48680 | Unspecified vulnerability in Acronis Cyber Protect 15 Sensitive information disclosure due to excessive collection of system information. | 5.5 |