Vulnerabilities in Acronis
192 resultsCVE-2023-45249CRITICALRemote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before buiEPSS 53.5%KEVCVE-2022-3405CRITICALCode execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affectEPSS 5.3%CVE-2022-30995CRITICALSensitive information disclosure due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Windows, LinEPSS 3.3%CVE-2023-41748HIGHRemote command execution due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) before buildEPSS 1.1%CVE-2023-41746HIGHRemote command execution due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) before buildEPSS 1.1%CVE-2021-34800—Sensitive information could be loggedEPSS 1.0%CVE-2023-44156MEDIUMSensitive information disclosure due to spell-jacking. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) beforeEPSS 0.9%CVE-2022-30990—Sensitive information disclosure due to insecure folder permissionsEPSS 0.8%CVE-2023-44206HIGHSensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect EPSS 0.8%CVE-2023-44155MEDIUMSensitive information leak through log files. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35EPSS 0.7%CVE-2024-34013HIGHLocal privilege escalation due to OS command injection vulnerability. The following products are affected: Acronis True Image (macOS) beforeEPSS 0.6%CVE-2023-44158LOWSensitive information disclosure due to insufficient token field masking. The following products are affected: Acronis Cyber Protect 15 (LinEPSS 0.6%CVE-2025-30411CRITICALSensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (LiEPSS 0.6%CVE-2023-44154MEDIUMSensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect EPSS 0.6%CVE-2023-44205LOWSensitive information disclosure due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, WindowEPSS 0.6%CVE-2023-44152MEDIUMSensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber ProtectEPSS 0.6%CVE-2021-44201—Cross-site scripting (XSS) was possible in notification pop-upsEPSS 0.6%CVE-2025-30410CRITICALSensitive data disclosure and manipulation due to missing authentication. The following products are affected: Acronis Cyber Protect Cloud AEPSS 0.6%CVE-2025-30412CRITICALSensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (LiEPSS 0.6%CVE-2022-30993—Cleartext transmission of sensitive informationEPSS 0.5%