Vulnerabilities in Acronis

192 results
CVE-2024-49392MEDIUMStored cross-site scripting (XSS) vulnerability on enrollment invitation page. The following products are affected: Acronis Cyber Files (WinEPSS 0.2%CVE-2023-45244HIGHSensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect CEPSS 0.2%CVE-2023-45247HIGHSensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect CEPSS 0.2%CVE-2023-45246HIGHSensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect CEPSS 0.2%CVE-2024-49382LOWExcessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: AcroniEPSS 0.2%CVE-2024-49383LOWExcessive attack surface in acep-importer service due to binding to an unrestricted IP address. The following products are affected: AcronisEPSS 0.2%CVE-2024-49384LOWExcessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: AcroniEPSS 0.2%CVE-2022-24113Local privilege escalation due to excessive permissions assigned to child processesEPSS 0.2%CVE-2023-48676LOWSensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect CEPSS 0.2%CVE-2024-34010HIGHLocal privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud AgentEPSS 0.2%CVE-2024-34015LOWSensitive information disclosure during file browsing due to improper symbolic link handling. The following products are affected: Acronis BEPSS 0.2%CVE-2023-45243MEDIUMSensitive information disclosure due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (LinuxEPSS 0.2%CVE-2025-48962MEDIUMSensitive information disclosure due to SSRF. The following products are affected: Acronis Cyber Protect 16 (Windows, Linux) before build 39EPSS 0.2%CVE-2021-44204Local privilege escalation via named pipe due to improper access control checksEPSS 0.2%CVE-2024-34014MEDIUMArbitrary file overwrite during recovery due to improper symbolic link handling. The following products are affected: Acronis Backup plugin EPSS 0.2%CVE-2022-44733HIGHLocal privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (WindoEPSS 0.2%CVE-2022-0483Local privilege escalation due to insecure folder permissionsEPSS 0.2%CVE-2022-30695Local privilege escalation due to excessive permissions assigned to child processesEPSS 0.2%CVE-2023-41745MEDIUMSensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Agent (LinuEPSS 0.2%CVE-2022-44747LOWLocal privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (WindoEPSS 0.2%