Loading HuntDB...

Version unspecified

OTHER 26 CVEs

Known Vulnerabilities

CVE-2024-55541

Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39169.

LOW CVSS 3.1 Published Jan 02, 2025

CVE-2024-55542

Local privilege escalation due to excessive permissions assigned to Tray Monitor service. The following products are affected: Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169, Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 35895.

MEDIUM CVSS 4.4 Published Jan 02, 2025

CVE-2024-56414

Web installer integrity check used weak hash algorithm. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.

MEDIUM CVSS 5.5 Published Jan 02, 2025

CVE-2024-56413

Missing session invalidation after user deletion. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.

MEDIUM CVSS 6.1 Published Jan 02, 2025

CVE-2024-55540

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.

MEDIUM CVSS 6.6 Published Jan 02, 2025

CVE-2024-55543

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.

HIGH CVSS 7.3 Published Jan 02, 2025

CVE-2024-49388

Sensitive information manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.

LOW CVSS 3.1 Published Oct 15, 2024

CVE-2024-49387

Cleartext transmission of sensitive information in acep-collector service. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.

MEDIUM CVSS 5.4 Published Oct 15, 2024

CVE-2024-49384

Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.

LOW CVSS 3.5 Published Oct 15, 2024

CVE-2024-49383

Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.

LOW CVSS 3.5 Published Oct 15, 2024

CVE-2024-49382

Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.

LOW CVSS 3.5 Published Oct 15, 2024

CVE-2024-8766

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 38235, Acronis Cyber Protect 16 (Windows) before build 39169.

MEDIUM CVSS 6.7 Published Sep 16, 2024

CVE-2024-34010

Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758, Acronis Cyber Protect 16 (Windows) before build 38690.

HIGH CVSS 8.2 Published Apr 29, 2024

CVE-2023-48683

Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 37758, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169.

HIGH CVSS 7.1 Published Apr 29, 2024

CVE-2023-48682

Stored cross-site scripting (XSS) vulnerability in unit name. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391.

MEDIUM CVSS 6.1 Published Feb 27, 2024

CVE-2023-48681

Self cross-site scripting (XSS) vulnerability in storage nodes search field. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391.

LOW CVSS 1.9 Published Feb 27, 2024

CVE-2023-48680

Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Cyber Protect 16 (macOS, Windows) before build 37391.

LOW CVSS 3.3 Published Feb 27, 2024

CVE-2023-48679

Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391.

LOW CVSS 3.1 Published Feb 27, 2024

CVE-2023-48678

Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391.

MEDIUM CVSS 5.5 Published Feb 27, 2024

CVE-2023-45247

Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 36497, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169.

HIGH CVSS 7.1 Published Oct 09, 2023

CVE-2023-45248

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 36497, Acronis Cyber Protect 16 (Windows) before build 37391.

MEDIUM CVSS 6.6 Published Oct 09, 2023

CVE-2023-45246

Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 36343, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169.

HIGH CVSS 7.1 Published Oct 06, 2023

CVE-2023-45244

Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 35895, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 37391.

HIGH CVSS 7.1 Published Oct 06, 2023

CVE-2023-45241

Sensitive information leak through log files. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 35739, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 37391.

MEDIUM CVSS 4.4 Published Oct 05, 2023

CVE-2023-44213

Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 35739, Acronis Cyber Protect 16 (Windows) before build 37391.

LOW CVSS 3.3 Published Oct 05, 2023

CVE-2023-44211

Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 31637, Acronis Cyber Protect 16 (Linux, Windows) before build 37391.

HIGH CVSS 7.1 Published Oct 05, 2023