Vulnerabilities (CVE)

Filtered by vendor Acronis Subscribe
Filtered by product Cyber Protect
Total 53 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-45457 2 Acronis, Microsoft 3 Agent, Cyber Protect, Windows 2024-11-21 N/A 7.5 HIGH
Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent (Windows) before build 29633, Acronis Cyber Protect 15 (Windows) before build 30984.
CVE-2022-45455 2 Acronis, Microsoft 4 Agent, Cyber Protect, Cyber Protect Home Office and 1 more 2024-11-21 N/A 7.8 HIGH
Local privilege escalation due to incomplete uninstallation cleanup. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107, Acronis Agent (Windows) before build 30025, Acronis Cyber Protect 15 (Windows) before build 30984.
CVE-2022-45454 2 Acronis, Microsoft 3 Agent, Cyber Protect, Windows 2024-11-21 N/A 7.5 HIGH
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Agent (Windows) before build 30161, Acronis Cyber Protect 15 (Windows) before build 30984.
CVE-2022-45453 3 Acronis, Linux, Microsoft 3 Cyber Protect, Linux Kernel, Windows 2024-11-21 N/A 7.5 HIGH
TLS/SSL weak cipher suites enabled. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 30984.
CVE-2022-45452 2 Acronis, Microsoft 3 Agent, Cyber Protect, Windows 2024-11-21 N/A 7.8 HIGH
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Agent (Windows) before build 30430, Acronis Cyber Protect 15 (Windows) before build 30984.
CVE-2022-45451 1 Acronis 3 Agent, Cyber Protect, Cyber Protect Home Office 2024-11-21 N/A 7.8 HIGH
Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40173, Acronis Agent (Windows) before build 30600, Acronis Cyber Protect 15 (Windows) before build 30984.
CVE-2022-45450 4 Acronis, Apple, Linux and 1 more 5 Agent, Cyber Protect, Macos and 2 more 2024-11-21 N/A 7.5 HIGH
Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 28610, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 30984.
CVE-2022-3405 3 Acronis, Linux, Microsoft 4 Cyber Backup, Cyber Protect, Linux Kernel and 1 more 2024-11-21 N/A 8.8 HIGH
Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545.
CVE-2022-30995 3 Acronis, Linux, Microsoft 4 Cyber Backup, Cyber Protect, Linux Kernel and 1 more 2024-11-21 N/A 7.5 HIGH
Sensitive information disclosure due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545.
CVE-2022-30994 3 Acronis, Linux, Microsoft 3 Cyber Protect, Linux Kernel, Windows 2024-11-21 5.0 MEDIUM 7.5 HIGH
Cleartext transmission of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 29240
CVE-2022-30993 3 Acronis, Linux, Microsoft 3 Cyber Protect, Linux Kernel, Windows 2024-11-21 5.0 MEDIUM 7.5 HIGH
Cleartext transmission of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240
CVE-2022-30992 3 Acronis, Linux, Microsoft 3 Cyber Protect, Linux Kernel, Windows 2024-11-21 5.8 MEDIUM 6.1 MEDIUM
Open redirect via user-controlled query parameter. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240
CVE-2022-30991 3 Acronis, Linux, Microsoft 3 Cyber Protect, Linux Kernel, Windows 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
HTML injection via report name. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240
CVE-2022-30990 3 Acronis, Linux, Microsoft 4 Agent, Cyber Protect, Linux Kernel and 1 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15 (Linux) before build 29240, Acronis Agent (Linux) before build 28037
CVE-2022-24113 2 Acronis, Microsoft 5 Agent, Cyber Protect, Cyber Protect Home Office and 2 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
CVE-2021-44204 2 Acronis, Microsoft 5 Agent, Cyber Protect, Cyber Protect Home Office and 2 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
CVE-2021-44203 3 Acronis, Linux, Microsoft 3 Cyber Protect, Linux Kernel, Windows 2024-11-21 3.5 LOW 5.4 MEDIUM
Stored cross-site scripting (XSS) was possible in protection plan details. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035
CVE-2021-44202 3 Acronis, Linux, Microsoft 3 Cyber Protect, Linux Kernel, Windows 2024-11-21 3.5 LOW 5.4 MEDIUM
Stored cross-site scripting (XSS) was possible in activity details. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035
CVE-2021-44201 3 Acronis, Linux, Microsoft 3 Cyber Protect, Linux Kernel, Windows 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) was possible in notification pop-ups. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035
CVE-2021-44200 3 Acronis, Linux, Microsoft 3 Cyber Protect, Linux Kernel, Windows 2024-11-21 3.5 LOW 5.4 MEDIUM
Self cross-site scripting (XSS) was possible on devices page. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035