Acronis

Cyber Protect

62 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2024-55543

  • EPSS 0.03%
  • Veröffentlicht 02.01.2025 16:15:08
  • Zuletzt bearbeitet 26.02.2025 18:25:29

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.

6.1

CVE-2024-55541

  • EPSS 0.13%
  • Veröffentlicht 02.01.2025 16:15:07
  • Zuletzt bearbeitet 26.02.2025 18:25:29

Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39169.

7.8

CVE-2024-55540

  • EPSS 0.02%
  • Veröffentlicht 02.01.2025 16:15:07
  • Zuletzt bearbeitet 26.02.2025 18:25:29

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.

9.1

CVE-2024-49388

  • EPSS 0.16%
  • Veröffentlicht 15.10.2024 11:15:14
  • Zuletzt bearbeitet 04.02.2025 17:06:04

Sensitive information manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.

7.5

CVE-2024-49387

  • EPSS 0.09%
  • Veröffentlicht 15.10.2024 11:15:13
  • Zuletzt bearbeitet 04.02.2025 17:05:54

Cleartext transmission of sensitive information in acep-collector service. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.

4.3

CVE-2024-49384

  • EPSS 0.04%
  • Veröffentlicht 15.10.2024 11:15:13
  • Zuletzt bearbeitet 04.02.2025 17:05:59

Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.

4.3

CVE-2024-49383

  • EPSS 0.04%
  • Veröffentlicht 15.10.2024 11:15:13
  • Zuletzt bearbeitet 04.02.2025 17:05:52

Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.

4.3

CVE-2024-49382

  • EPSS 0.04%
  • Veröffentlicht 15.10.2024 11:15:13
  • Zuletzt bearbeitet 04.02.2025 17:05:56

Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.

6.5

CVE-2022-45449

  • EPSS 0.74%
  • Veröffentlicht 16.07.2024 15:15:10
  • Zuletzt bearbeitet 07.03.2025 14:55:48

Sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 30984.

5.4

CVE-2023-48682

  • EPSS 0.12%
  • Veröffentlicht 27.02.2024 17:15:11
  • Zuletzt bearbeitet 06.02.2025 16:16:31

Stored cross-site scripting (XSS) vulnerability in unit name. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391.