Acronis

Cyber Protect

86 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2024-49384

  • EPSS 0.16%
  • Veröffentlicht 15.10.2024 11:15:13
  • Zuletzt bearbeitet 04.02.2025 17:05:59

Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.

7.5

CVE-2024-49387

  • EPSS 0.21%
  • Veröffentlicht 15.10.2024 11:15:13
  • Zuletzt bearbeitet 04.02.2025 17:05:54

Cleartext transmission of sensitive information in acep-collector service. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.

6.5

CVE-2022-45449

  • EPSS 0.77%
  • Veröffentlicht 16.07.2024 15:15:10
  • Zuletzt bearbeitet 07.03.2025 14:55:48

Sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 30984.

5.4

CVE-2023-48682

  • EPSS 0.12%
  • Veröffentlicht 27.02.2024 17:15:11
  • Zuletzt bearbeitet 06.02.2025 16:16:31

Stored cross-site scripting (XSS) vulnerability in unit name. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391.

6.1

CVE-2023-48681

  • EPSS 0.75%
  • Veröffentlicht 27.02.2024 17:15:10
  • Zuletzt bearbeitet 06.02.2025 16:18:20

Self cross-site scripting (XSS) vulnerability in storage nodes search field. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391.

5.5

CVE-2023-48680

  • EPSS 0.17%
  • Veröffentlicht 27.02.2024 17:15:10
  • Zuletzt bearbeitet 06.02.2025 16:29:47

Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Cyber Protect 16 (macOS, Windows) before build 37391.

5.4

CVE-2023-48679

  • EPSS 0.65%
  • Veröffentlicht 27.02.2024 17:15:10
  • Zuletzt bearbeitet 06.02.2025 16:30:48

Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391.

5.5

CVE-2023-48678

  • EPSS 0.07%
  • Veröffentlicht 27.02.2024 17:15:10
  • Zuletzt bearbeitet 06.02.2025 16:32:10

Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391.

5.4

CVE-2023-44207

  • EPSS 0.21%
  • Veröffentlicht 27.09.2023 15:19:39
  • Zuletzt bearbeitet 21.11.2024 08:25:26

Stored cross-site scripting (XSS) vulnerability in protection plan name. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.

9.1

CVE-2023-44206

  • EPSS 0.53%
  • Veröffentlicht 27.09.2023 15:19:39
  • Zuletzt bearbeitet 21.11.2024 08:25:26

Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.