Cyber Protect
by Acronis
CVEs (94)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-44210 | 0.00 | — | 0.00 | Oct 4, 2023 | Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 29258, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186. | |||
| CVE-2023-44209 | 0.00 | — | 0.00 | Oct 4, 2023 | Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 29051, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186. | |||
| CVE-2023-44159 | 0.00 | — | 0.00 | Sep 27, 2023 | Sensitive information disclosure due to cleartext storage of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979. | |||
| CVE-2023-44156 | 0.00 | — | 0.01 | Sep 27, 2023 | Sensitive information disclosure due to spell-jacking. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979. | |||
| CVE-2023-44205 | 0.00 | — | 0.01 | Sep 27, 2023 | Sensitive information disclosure due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979. | |||
| CVE-2023-44161 | 0.00 | — | 0.00 | Sep 27, 2023 | Sensitive information manipulation due to cross-site request forgery. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979. | |||
| CVE-2023-44160 | 0.00 | — | 0.00 | Sep 27, 2023 | Sensitive information manipulation due to cross-site request forgery. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979. | |||
| CVE-2023-44158 | 0.00 | — | 0.01 | Sep 27, 2023 | Sensitive information disclosure due to insufficient token field masking. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979. | |||
| CVE-2023-44157 | 0.00 | — | 0.00 | Sep 27, 2023 | Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 35979. | |||
| CVE-2023-44155 | 0.00 | — | 0.01 | Sep 27, 2023 | Sensitive information leak through log files. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979. | |||
| CVE-2023-44154 | 0.00 | — | 0.01 | Sep 27, 2023 | Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979. | |||
| CVE-2023-44153 | 0.00 | — | 0.00 | Sep 27, 2023 | Sensitive information disclosure due to cleartext storage of sensitive information in memory. The following products are affected: Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979. | |||
| CVE-2022-45451 | 0.00 | — | 0.00 | Aug 31, 2023 | Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40173, Acronis Agent (Windows) before build 30600, Acronis Cyber Protect 15 (Windows) before build… | |||
| CVE-2022-45450 | 0.00 | — | 0.00 | May 18, 2023 | Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 28610, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 30984. | |||
| CVE-2022-45457 | 0.00 | — | 0.00 | May 18, 2023 | Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent (Windows) before build 29633, Acronis Cyber Protect 15 (Windows) before build 30984. | |||
| CVE-2022-45453 | 0.00 | — | 0.00 | May 18, 2023 | TLS/SSL weak cipher suites enabled. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 30984. | |||
| CVE-2022-45455 | 0.00 | — | 0.00 | Feb 13, 2023 | Local privilege escalation due to incomplete uninstallation cleanup. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107, Acronis Agent (Windows) before build 30025, Acronis Cyber Protect 15 (Windows) before build 30984. | |||
| CVE-2022-30991 | 0.00 | — | 0.01 | May 18, 2022 | HTML injection via report name. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240 | |||
| CVE-2022-30992 | 0.00 | — | 0.01 | May 18, 2022 | Open redirect via user-controlled query parameter. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240 | |||
| CVE-2022-30993 | 0.00 | — | 0.01 | May 18, 2022 | Cleartext transmission of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240 |
- CVE-2023-44210Oct 4, 2023risk 0.00cvss —epss 0.00
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 29258, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186.
- CVE-2023-44209Oct 4, 2023risk 0.00cvss —epss 0.00
Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 29051, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186.
- CVE-2023-44159Sep 27, 2023risk 0.00cvss —epss 0.00
Sensitive information disclosure due to cleartext storage of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
- CVE-2023-44156Sep 27, 2023risk 0.00cvss —epss 0.01
Sensitive information disclosure due to spell-jacking. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
- CVE-2023-44205Sep 27, 2023risk 0.00cvss —epss 0.01
Sensitive information disclosure due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
- CVE-2023-44161Sep 27, 2023risk 0.00cvss —epss 0.00
Sensitive information manipulation due to cross-site request forgery. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
- CVE-2023-44160Sep 27, 2023risk 0.00cvss —epss 0.00
Sensitive information manipulation due to cross-site request forgery. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
- CVE-2023-44158Sep 27, 2023risk 0.00cvss —epss 0.01
Sensitive information disclosure due to insufficient token field masking. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
- CVE-2023-44157Sep 27, 2023risk 0.00cvss —epss 0.00
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 35979.
- CVE-2023-44155Sep 27, 2023risk 0.00cvss —epss 0.01
Sensitive information leak through log files. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
- CVE-2023-44154Sep 27, 2023risk 0.00cvss —epss 0.01
Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
- CVE-2023-44153Sep 27, 2023risk 0.00cvss —epss 0.00
Sensitive information disclosure due to cleartext storage of sensitive information in memory. The following products are affected: Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.
- CVE-2022-45451Aug 31, 2023risk 0.00cvss —epss 0.00
Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40173, Acronis Agent (Windows) before build 30600, Acronis Cyber Protect 15 (Windows) before build…
- CVE-2022-45450May 18, 2023risk 0.00cvss —epss 0.00
Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 28610, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 30984.
- CVE-2022-45457May 18, 2023risk 0.00cvss —epss 0.00
Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent (Windows) before build 29633, Acronis Cyber Protect 15 (Windows) before build 30984.
- CVE-2022-45453May 18, 2023risk 0.00cvss —epss 0.00
TLS/SSL weak cipher suites enabled. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 30984.
- CVE-2022-45455Feb 13, 2023risk 0.00cvss —epss 0.00
Local privilege escalation due to incomplete uninstallation cleanup. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107, Acronis Agent (Windows) before build 30025, Acronis Cyber Protect 15 (Windows) before build 30984.
- CVE-2022-30991May 18, 2022risk 0.00cvss —epss 0.01
HTML injection via report name. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240
- CVE-2022-30992May 18, 2022risk 0.00cvss —epss 0.01
Open redirect via user-controlled query parameter. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240
- CVE-2022-30993May 18, 2022risk 0.00cvss —epss 0.01
Cleartext transmission of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240
Page 4 of 5