Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cyber_protect
(Acronis)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 62 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-01-02 | CVE-2024-55540 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169. | Cyber_protect | 7.8 | ||
| 2025-01-02 | CVE-2024-55541 | Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39169. | Cyber_protect | 6.1 | ||
| 2025-01-02 | CVE-2024-55543 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169. | Cyber_protect | 7.8 | ||
| 2024-02-27 | CVE-2023-48678 | Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391. | Cyber_protect | 5.5 | ||
| 2024-02-27 | CVE-2023-48679 | Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391. | Cyber_protect | 5.4 | ||
| 2024-02-27 | CVE-2023-48680 | Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Cyber Protect 16 (macOS, Windows) before build 37391. | Cyber_protect | 5.5 | ||
| 2024-02-27 | CVE-2023-48681 | Self cross-site scripting (XSS) vulnerability in storage nodes search field. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391. | Cyber_protect | 6.1 | ||
| 2024-02-27 | CVE-2023-48682 | Stored cross-site scripting (XSS) vulnerability in unit name. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391. | Cyber_protect | 5.4 | ||
| 2024-10-15 | CVE-2024-49387 | Cleartext transmission of sensitive information in acep-collector service. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | Cyber_protect | 7.5 | ||
| 2024-10-15 | CVE-2024-49382 | Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | Cyber_protect | 4.3 |