CVE-2022-30995
- EPSS 46.43%
- Published 03.05.2023 11:15:11
- Last modified 21.11.2024 07:03:40
Sensitive information disclosure due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545.
CVE-2022-3405
- EPSS 29.61%
- Published 03.05.2023 11:15:11
- Last modified 21.11.2024 07:19:27
Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) b...
CVE-2020-10138
- EPSS 0.05%
- Published 21.10.2020 14:15:15
- Last modified 21.11.2024 04:54:53
Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\. Acronis Cyber Backup and Cyber Protect contain a privileged service that uses this OpenSSL c...
CVE-2020-16171
- EPSS 11.24%
- Published 21.09.2020 14:15:13
- Last modified 21.11.2024 05:06:54
An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342. Some API endpoints on port 9877 under /api/ams/ accept an additional custom Shard header. The value of this header is afterwards used in a separate web request issued by the app...