Vulnerabilities > Acronis > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-10-17 CVE-2024-49386 Privacy Violation vulnerability in Acronis Cyber Files
Sensitive information disclosure due to spell-jacking.
low complexity
acronis CWE-359
5.7
2024-10-17 CVE-2024-49392 Cross-site Scripting vulnerability in Acronis Cyber Files
Stored cross-site scripting (XSS) vulnerability on enrollment invitation page.
network
low complexity
acronis CWE-79
4.8
2024-10-15 CVE-2024-49382 Unspecified vulnerability in Acronis Cyber Protect 16
Excessive attack surface in archive-server service due to binding to an unrestricted IP address.
low complexity
acronis
4.3
2024-10-15 CVE-2024-49383 Unspecified vulnerability in Acronis Cyber Protect 16
Excessive attack surface in acep-importer service due to binding to an unrestricted IP address.
low complexity
acronis
4.3
2024-10-15 CVE-2024-49384 Unspecified vulnerability in Acronis Cyber Protect 16
Excessive attack surface in acep-collector service due to binding to an unrestricted IP address.
low complexity
acronis
4.3
2024-08-29 CVE-2024-34018 Incorrect Default Permissions vulnerability in Acronis Snap Deploy 6
Sensitive information disclosure due to insecure folder permissions.
local
low complexity
acronis CWE-276
5.5
2024-06-14 CVE-2024-34012 Unspecified vulnerability in Acronis Cloud Manager
Local privilege escalation due to insecure folder permissions.
local
low complexity
acronis
4.4
2023-10-06 CVE-2023-45245 Missing Authorization vulnerability in Acronis Agent
Sensitive information disclosure due to missing authorization.
local
low complexity
acronis CWE-862
5.5
2023-10-05 CVE-2023-44213 Unspecified vulnerability in Acronis Agent
Sensitive information disclosure due to excessive collection of system information.
local
low complexity
acronis
5.5
2023-10-05 CVE-2023-44214 Missing Authorization vulnerability in Acronis Agent
Sensitive information disclosure due to missing authorization.
local
low complexity
acronis CWE-862
5.5