Vendor CVEs
Acronis
All CVEs
218 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-48962 | Med | 0.28 | 4.3 | 0.00 | Jun 4, 2025 | Sensitive information disclosure due to SSRF. The following products are affected: Acronis Cyber Protect 16 (Windows, Linux) before build 39938. | ||
| CVE-2024-55538 | Med | 0.26 | 4.0 | 0.00 | Jan 2, 2025 | Sensitive information disclosure due to missing authentication. The following products are affected: Acronis True Image (macOS) before build 41725, Acronis True Image (Windows) before build 41736, Acronis True Image OEM (macOS) before build 42571, Acronis True Image OEM… | ||
| CVE-2023-45249 | 0.22 | — | 0.54 | KEV | Jul 24, 2024 | Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, Acronis Cyber Infrastructure (ACI) before build 5.1.1-71, Acronis Cyber Infrastructure (ACI) before build 5.2.1-69, Acronis… | ||
| CVE-2024-34015 | Low | 0.21 | 3.3 | 0.00 | Nov 11, 2024 | Sensitive information disclosure during file browsing due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 1.8.3.818, Acronis Backup plugin for cPanel & WHM (Linux) before build 1.9.1.892. | ||
| CVE-2024-55539 | Low | 0.16 | 2.5 | 0.00 | Dec 23, 2024 | Weak algorithm used to sign RPM package. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux) before build 39185, Acronis Cyber Protect 16 (Linux) before build 39938. | ||
| CVE-2022-30995 | 0.08 | — | 0.03 | May 3, 2023 | Sensitive information disclosure due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545. | |||
| CVE-2022-3405 | 0.06 | — | 0.05 | May 3, 2023 | Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545. | |||
| CVE-2020-25736 | 0.05 | — | 0.02 | Jul 15, 2021 | Acronis True Image 2019 update 1 through 2021 update 1 on macOS allows local privilege escalation due to an insecure XPC service configuration. | |||
| CVE-2020-16171 | 0.04 | — | 0.06 | Sep 21, 2020 | An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342. Some API endpoints on port 9877 under /api/ams/ accept an additional custom Shard header. The value of this header is afterwards used in a separate web request issued by the application itself. This can be… | |||
| CVE-2008-1411 | 0.04 | — | 0.08 | Mar 20, 2008 | The PXE Server (pxesrv.exe) in Acronis Snap Deploy 2.0.0.1076 and earlier allows remote attackers to cause a denial of service (crash) via an incomplete TFTP request, which triggers a NULL pointer dereference. | |||
| CVE-2008-1410 | 0.03 | — | 0.06 | Mar 20, 2008 | Directory traversal vulnerability in the PXE Server (pxesrv.exe) in Acronis Snap Deploy 2.0.0.1076 and earlier allows remote attackers to read arbitrary files via directory traversal sequences to the TFTP service. | |||
| CVE-2026-28726 | 0.00 | — | 0.00 | Mar 5, 2026 | Sensitive information disclosure due to improper access control. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28725 | 0.00 | — | 0.00 | Mar 5, 2026 | Sensitive information disclosure due to improper configuration of a headless browser. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2025-30413 | 0.00 | — | 0.00 | Mar 5, 2026 | Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40497, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186. | |||
| CVE-2026-28724 | 0.00 | — | 0.00 | Mar 5, 2026 | Unauthorized data access due to insufficient access control validation. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28723 | 0.00 | — | 0.00 | Mar 5, 2026 | Unauthorized report deletion due to insufficient access control. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28722 | 0.00 | — | 0.00 | Mar 5, 2026 | Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. | |||
| CVE-2026-28721 | 0.00 | — | 0.00 | Mar 5, 2026 | Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. | |||
| CVE-2026-28720 | 0.00 | — | 0.00 | Mar 5, 2026 | Unauthorized modification of settings due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28719 | 0.00 | — | 0.00 | Mar 5, 2026 | Unauthorized resource manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28718 | 0.00 | — | 0.00 | Mar 5, 2026 | Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28717 | 0.00 | — | 0.00 | Mar 5, 2026 | Local privilege escalation due to improper directory permissions. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. | |||
| CVE-2026-28716 | 0.00 | — | 0.00 | Mar 5, 2026 | Information disclosure and manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28715 | 0.00 | — | 0.00 | Mar 5, 2026 | Sensitive information disclosure due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28714 | 0.00 | — | 0.00 | Mar 5, 2026 | Unnecessary transmission of sensitive cryptographic material. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28713 | 0.00 | — | 0.00 | Mar 5, 2026 | Default credentials set for local privileged user in Virtual Appliance. The following products are affected: Acronis Cyber Protect Cloud Agent (VMware) before build 36943, Acronis Cyber Protect 17 (VMware) before build 41186. | |||
| CVE-2026-28712 | 0.00 | — | 0.00 | Mar 5, 2026 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. | |||
| CVE-2026-28711 | 0.00 | — | 0.00 | Mar 5, 2026 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. | |||
| CVE-2026-28710 | 0.00 | — | 0.00 | Mar 5, 2026 | Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28709 | 0.00 | — | 0.00 | Mar 5, 2026 | Unauthorized resource manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2025-11790 | 0.00 | — | 0.00 | Mar 5, 2026 | Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 41124. | |||
| CVE-2025-11791 | 0.00 | — | 0.00 | Mar 5, 2026 | Sensitive information disclosure and manipulation due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186, Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 41124. | |||
| CVE-2025-11792 | 0.00 | — | 0.00 | Mar 5, 2026 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 41124. | |||
| CVE-2025-30416 | 0.00 | — | 0.00 | Feb 20, 2026 | Sensitive data disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800. | |||
| CVE-2025-30412 | 0.00 | — | 0.01 | Feb 20, 2026 | Sensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800. | |||
| CVE-2025-30411 | 0.00 | — | 0.01 | Feb 20, 2026 | Sensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800. | |||
| CVE-2024-55541 | 0.00 | — | 0.00 | Jan 2, 2025 | Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39169. | |||
| CVE-2024-55540 | 0.00 | — | 0.00 | Jan 2, 2025 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169. | |||
| CVE-2024-55543 | 0.00 | — | 0.00 | Jan 2, 2025 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169. | |||
| CVE-2024-49386 | 0.00 | — | 0.00 | Oct 17, 2024 | Sensitive information disclosure due to spell-jacking. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | |||
| CVE-2024-49389 | 0.00 | — | 0.00 | Oct 17, 2024 | Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | |||
| CVE-2024-49390 | 0.00 | — | 0.00 | Oct 17, 2024 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | |||
| CVE-2024-49391 | 0.00 | — | 0.00 | Oct 17, 2024 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | |||
| CVE-2024-49392 | 0.00 | — | 0.00 | Oct 17, 2024 | Stored cross-site scripting (XSS) vulnerability on enrollment invitation page. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | |||
| CVE-2024-49388 | 0.00 | — | 0.00 | Oct 15, 2024 | Sensitive information manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | |||
| CVE-2024-49387 | 0.00 | — | 0.00 | Oct 15, 2024 | Cleartext transmission of sensitive information in acep-collector service. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | |||
| CVE-2024-49384 | 0.00 | — | 0.00 | Oct 15, 2024 | Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | |||
| CVE-2024-49383 | 0.00 | — | 0.00 | Oct 15, 2024 | Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | |||
| CVE-2024-49382 | 0.00 | — | 0.00 | Oct 15, 2024 | Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | |||
| CVE-2024-34018 | 0.00 | — | 0.00 | Aug 29, 2024 | Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Snap Deploy (Windows) before build 4569. |
- risk 0.28cvss 4.3epss 0.00
Sensitive information disclosure due to SSRF. The following products are affected: Acronis Cyber Protect 16 (Windows, Linux) before build 39938.
- risk 0.26cvss 4.0epss 0.00
Sensitive information disclosure due to missing authentication. The following products are affected: Acronis True Image (macOS) before build 41725, Acronis True Image (Windows) before build 41736, Acronis True Image OEM (macOS) before build 42571, Acronis True Image OEM…
- risk 0.22cvss —epss 0.54
Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, Acronis Cyber Infrastructure (ACI) before build 5.1.1-71, Acronis Cyber Infrastructure (ACI) before build 5.2.1-69, Acronis…
- risk 0.21cvss 3.3epss 0.00
Sensitive information disclosure during file browsing due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 1.8.3.818, Acronis Backup plugin for cPanel & WHM (Linux) before build 1.9.1.892.
- risk 0.16cvss 2.5epss 0.00
Weak algorithm used to sign RPM package. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux) before build 39185, Acronis Cyber Protect 16 (Linux) before build 39938.
- CVE-2022-30995May 3, 2023risk 0.08cvss —epss 0.03
Sensitive information disclosure due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545.
- CVE-2022-3405May 3, 2023risk 0.06cvss —epss 0.05
Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545.
- CVE-2020-25736Jul 15, 2021risk 0.05cvss —epss 0.02
Acronis True Image 2019 update 1 through 2021 update 1 on macOS allows local privilege escalation due to an insecure XPC service configuration.
- CVE-2020-16171Sep 21, 2020risk 0.04cvss —epss 0.06
An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342. Some API endpoints on port 9877 under /api/ams/ accept an additional custom Shard header. The value of this header is afterwards used in a separate web request issued by the application itself. This can be…
- CVE-2008-1411Mar 20, 2008risk 0.04cvss —epss 0.08
The PXE Server (pxesrv.exe) in Acronis Snap Deploy 2.0.0.1076 and earlier allows remote attackers to cause a denial of service (crash) via an incomplete TFTP request, which triggers a NULL pointer dereference.
- CVE-2008-1410Mar 20, 2008risk 0.03cvss —epss 0.06
Directory traversal vulnerability in the PXE Server (pxesrv.exe) in Acronis Snap Deploy 2.0.0.1076 and earlier allows remote attackers to read arbitrary files via directory traversal sequences to the TFTP service.
- CVE-2026-28726Mar 5, 2026risk 0.00cvss —epss 0.00
Sensitive information disclosure due to improper access control. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28725Mar 5, 2026risk 0.00cvss —epss 0.00
Sensitive information disclosure due to improper configuration of a headless browser. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2025-30413Mar 5, 2026risk 0.00cvss —epss 0.00
Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40497, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186.
- CVE-2026-28724Mar 5, 2026risk 0.00cvss —epss 0.00
Unauthorized data access due to insufficient access control validation. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28723Mar 5, 2026risk 0.00cvss —epss 0.00
Unauthorized report deletion due to insufficient access control. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28722Mar 5, 2026risk 0.00cvss —epss 0.00
Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
- CVE-2026-28721Mar 5, 2026risk 0.00cvss —epss 0.00
Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
- CVE-2026-28720Mar 5, 2026risk 0.00cvss —epss 0.00
Unauthorized modification of settings due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28719Mar 5, 2026risk 0.00cvss —epss 0.00
Unauthorized resource manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28718Mar 5, 2026risk 0.00cvss —epss 0.00
Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28717Mar 5, 2026risk 0.00cvss —epss 0.00
Local privilege escalation due to improper directory permissions. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
- CVE-2026-28716Mar 5, 2026risk 0.00cvss —epss 0.00
Information disclosure and manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28715Mar 5, 2026risk 0.00cvss —epss 0.00
Sensitive information disclosure due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28714Mar 5, 2026risk 0.00cvss —epss 0.00
Unnecessary transmission of sensitive cryptographic material. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28713Mar 5, 2026risk 0.00cvss —epss 0.00
Default credentials set for local privileged user in Virtual Appliance. The following products are affected: Acronis Cyber Protect Cloud Agent (VMware) before build 36943, Acronis Cyber Protect 17 (VMware) before build 41186.
- CVE-2026-28712Mar 5, 2026risk 0.00cvss —epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
- CVE-2026-28711Mar 5, 2026risk 0.00cvss —epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
- CVE-2026-28710Mar 5, 2026risk 0.00cvss —epss 0.00
Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28709Mar 5, 2026risk 0.00cvss —epss 0.00
Unauthorized resource manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2025-11790Mar 5, 2026risk 0.00cvss —epss 0.00
Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 41124.
- CVE-2025-11791Mar 5, 2026risk 0.00cvss —epss 0.00
Sensitive information disclosure and manipulation due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186, Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 41124.
- CVE-2025-11792Mar 5, 2026risk 0.00cvss —epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 41124.
- CVE-2025-30416Feb 20, 2026risk 0.00cvss —epss 0.00
Sensitive data disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.
- CVE-2025-30412Feb 20, 2026risk 0.00cvss —epss 0.01
Sensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.
- CVE-2025-30411Feb 20, 2026risk 0.00cvss —epss 0.01
Sensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.
- CVE-2024-55541Jan 2, 2025risk 0.00cvss —epss 0.00
Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39169.
- CVE-2024-55540Jan 2, 2025risk 0.00cvss —epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.
- CVE-2024-55543Jan 2, 2025risk 0.00cvss —epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.
- CVE-2024-49386Oct 17, 2024risk 0.00cvss —epss 0.00
Sensitive information disclosure due to spell-jacking. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24.
- CVE-2024-49389Oct 17, 2024risk 0.00cvss —epss 0.00
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24.
- CVE-2024-49390Oct 17, 2024risk 0.00cvss —epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24.
- CVE-2024-49391Oct 17, 2024risk 0.00cvss —epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24.
- CVE-2024-49392Oct 17, 2024risk 0.00cvss —epss 0.00
Stored cross-site scripting (XSS) vulnerability on enrollment invitation page. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24.
- CVE-2024-49388Oct 15, 2024risk 0.00cvss —epss 0.00
Sensitive information manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
- CVE-2024-49387Oct 15, 2024risk 0.00cvss —epss 0.00
Cleartext transmission of sensitive information in acep-collector service. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
- CVE-2024-49384Oct 15, 2024risk 0.00cvss —epss 0.00
Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
- CVE-2024-49383Oct 15, 2024risk 0.00cvss —epss 0.00
Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
- CVE-2024-49382Oct 15, 2024risk 0.00cvss —epss 0.00
Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
- CVE-2024-34018Aug 29, 2024risk 0.00cvss —epss 0.00
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Snap Deploy (Windows) before build 4569.
Page 2 of 5