1. Vendors
  2. acronis
  3. CVE's for cyber_protect
IDCVSSSummaryLast (major) updatePublished
CVE-2021-44199 1.9
DLL hijacking could lead to denial of service. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27305, Acronis Cyber Protect Home Office (Windows) before build 39612
30-11-2021 - 21:23 29-11-2021 - 19:15
CVE-2022-30990 5.0
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15 (Linux) before build 29240, Acronis Agent (Linux) before build 28037
01-06-2022 - 17:25 18-05-2022 - 20:15
CVE-2020-10138 7.2
Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\. Acronis Cyber Backup and Cyber Protect contain a privileged service that uses this OpenSSL c
20-12-2021 - 22:24 21-10-2020 - 14:15
CVE-2020-35556 5.0
An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. Because the local notification service misconfigures CORS, information disclosure can occur.
21-07-2021 - 11:39 22-02-2021 - 03:15
CVE-2020-35664 4.3
An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. There is cross-site scripting (XSS) in the console.
26-02-2021 - 03:38 22-02-2021 - 03:15
CVE-2021-38088 4.6
Acronis Cyber Protect 15 for Windows prior to build 27009 allowed local privilege escalation via binary hijacking.
12-07-2022 - 17:42 12-08-2021 - 14:15
CVE-2021-38087 4.3
Reflected cross-site scripting (XSS) was possible on the login page in Acronis Cyber Protect 15 prior to build 27009.
20-08-2021 - 18:59 12-08-2021 - 14:15
CVE-2021-38086 4.4
Acronis Cyber Protect 15 for Windows prior to build 27009 and Acronis Agent for Windows prior to build 26226 allowed local privilege escalation via DLL hijacking.
23-09-2021 - 13:48 12-08-2021 - 14:15
CVE-2021-44203 3.5
Stored cross-site scripting (XSS) was possible in protection plan details. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035
30-11-2021 - 13:37 29-11-2021 - 19:15
CVE-2021-44202 3.5
Stored cross-site scripting (XSS) was possible in activity details. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035
30-11-2021 - 13:38 29-11-2021 - 19:15
CVE-2021-44201 4.3
Cross-site scripting (XSS) was possible in notification pop-ups. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035
30-11-2021 - 13:37 29-11-2021 - 19:15
CVE-2021-44200 3.5
Self cross-site scripting (XSS) was possible on devices page. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035
30-11-2021 - 13:42 29-11-2021 - 19:15
CVE-2021-44198 4.4
DLL hijacking could lead to local privilege escalation. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035
30-11-2021 - 20:52 29-11-2021 - 19:15
CVE-2022-30994 5.0
Cleartext transmission of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 29240
01-06-2022 - 19:30 18-05-2022 - 20:15
CVE-2022-30993 5.0
Cleartext transmission of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240
01-06-2022 - 19:19 18-05-2022 - 20:15
CVE-2022-30992 5.8
Open redirect via user-controlled query parameter. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240
01-06-2022 - 19:15 18-05-2022 - 20:15
CVE-2022-30991 4.3
HTML injection via report name. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240
01-06-2022 - 19:26 18-05-2022 - 20:15
Back to Top Mark selected
Back to Top