Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-08-31	CVE-2023-41747	Path Traversal vulnerability in Acronis Cloud Manager Sensitive information disclosure due to unauthenticated path traversal. low complexity acronis CWE-22	6.5
2023-05-18	CVE-2023-2782	Incorrect Authorization vulnerability in Acronis Cyber Infrastructure Sensitive information disclosure due to improper authorization. local low complexity acronis CWE-863	5.5
2022-11-07	CVE-2022-44745	Information Exposure Through Log Files vulnerability in Acronis Cyber Protect Home Office Sensitive information leak through log files. local low complexity acronis CWE-532	5.5
2022-11-07	CVE-2022-44746	Incorrect Permission Assignment for Critical Resource vulnerability in Acronis Cyber Protect Home Office Sensitive information disclosure due to insecure folder permissions. local low complexity acronis CWE-732	5.5
2022-05-18	CVE-2022-30991	Cross-site Scripting vulnerability in Acronis Cyber Protect 15 HTML injection via report name. network low complexity acronis CWE-79	6.1
2022-05-18	CVE-2022-30992	Open Redirect vulnerability in Acronis Cyber Protect 15 Open redirect via user-controlled query parameter. network low complexity acronis CWE-601	6.1
2021-11-29	CVE-2021-44199	Uncontrolled Search Path Element vulnerability in Acronis Agent, Cyber Protect and Cyber Protect Home Office DLL hijacking could lead to denial of service. local low complexity acronis CWE-427	5.5
2021-11-29	CVE-2021-44200	Cross-site Scripting vulnerability in Acronis Cyber Protect 15 Self cross-site scripting (XSS) was possible on devices page. network low complexity acronis CWE-79	5.4
2021-11-29	CVE-2021-44201	Cross-site Scripting vulnerability in Acronis Cyber Protect 15 Cross-site scripting (XSS) was possible in notification pop-ups. network low complexity acronis CWE-79	6.1
2021-11-29	CVE-2021-44202	Cross-site Scripting vulnerability in Acronis Cyber Protect 15 Stored cross-site scripting (XSS) was possible in activity details. network low complexity acronis CWE-79	5.4