Vulnerabilities > Acronis > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-17 | CVE-2024-49386 | Privacy Violation vulnerability in Acronis Cyber Files Sensitive information disclosure due to spell-jacking. | 5.7 |
| 2024-10-17 | CVE-2024-49392 | Cross-site Scripting vulnerability in Acronis Cyber Files Stored cross-site scripting (XSS) vulnerability on enrollment invitation page. | 4.8 |
| 2024-10-15 | CVE-2024-49382 | Unspecified vulnerability in Acronis Cyber Protect 16 Excessive attack surface in archive-server service due to binding to an unrestricted IP address. low complexity acronis | 4.3 |
| 2024-10-15 | CVE-2024-49383 | Unspecified vulnerability in Acronis Cyber Protect 16 Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. low complexity acronis | 4.3 |
| 2024-10-15 | CVE-2024-49384 | Unspecified vulnerability in Acronis Cyber Protect 16 Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. low complexity acronis | 4.3 |
| 2024-08-29 | CVE-2024-34018 | Incorrect Default Permissions vulnerability in Acronis Snap Deploy 6 Sensitive information disclosure due to insecure folder permissions. | 5.5 |
| 2024-06-14 | CVE-2024-34012 | Incorrect Default Permissions vulnerability in Acronis Cloud Manager Local privilege escalation due to insecure folder permissions. | 4.4 |
| 2023-10-06 | CVE-2023-45245 | Missing Authorization vulnerability in Acronis Agent Sensitive information disclosure due to missing authorization. | 5.5 |
| 2023-10-05 | CVE-2023-44213 | Privacy Violation vulnerability in Acronis Agent Sensitive information disclosure due to excessive collection of system information. | 5.5 |
| 2023-10-05 | CVE-2023-44214 | Missing Authorization vulnerability in Acronis Agent Sensitive information disclosure due to missing authorization. | 5.5 |