Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cyber_protect
(Acronis)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 62 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-10-15 | CVE-2024-49382 | Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | Cyber_protect | 4.3 | ||
| 2024-10-15 | CVE-2024-49383 | Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | Cyber_protect | 4.3 | ||
| 2024-10-15 | CVE-2024-49384 | Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | Cyber_protect | 4.3 | ||
| 2024-10-15 | CVE-2024-49388 | Sensitive information manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | Cyber_protect | 9.1 | ||
| 2021-02-22 | CVE-2020-35556 | An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. Because the local notification service misconfigures CORS, information disclosure can occur. | Cyber_protect | 7.5 | ||
| 2021-02-22 | CVE-2020-35664 | An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. There is cross-site scripting (XSS) in the console. | Cyber_protect | 6.1 | ||
| 2021-08-12 | CVE-2021-38086 | Acronis Cyber Protect 15 for Windows prior to build 27009 and Acronis Agent for Windows prior to build 26226 allowed local privilege escalation via DLL hijacking. | Cyber_protect | 7.8 | ||
| 2021-08-12 | CVE-2021-38087 | Reflected cross-site scripting (XSS) was possible on the login page in Acronis Cyber Protect 15 prior to build 27009. | Cyber_protect | 6.1 | ||
| 2021-08-12 | CVE-2021-38088 | Acronis Cyber Protect 15 for Windows prior to build 27009 allowed local privilege escalation via binary hijacking. | Cyber_protect | 7.8 | ||
| 2021-11-29 | CVE-2021-44198 | DLL hijacking could lead to local privilege escalation. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035 | Cyber_protect | 7.8 |