Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
acronis vulnerabilities and exploits
(subscribe to this query)
7
CVSSv3
CVE-2022-24114
Local privilege escalation due to race condition on application startup. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287
Acronis True Image 2021
Acronis Cyber Protect Home Office -
7.8
CVSSv3
CVE-2022-24115
Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287
Acronis True Image 2021
Acronis Cyber Protect Home Office -
1 Github repository
6.5
CVSSv3
CVE-2020-16171
An issue exists in Acronis Cyber Backup prior to 12.5 Build 16342. Some API endpoints on port 9877 under /api/ams/ accept an additional custom Shard header. The value of this header is afterwards used in a separate web request issued by the application itself. This can be abused ...
Acronis Cyber Backup
Acronis Cyber Backup 12.5
6.1
CVSSv3
CVE-2021-38087
Reflected cross-site scripting (XSS) was possible on the login page in Acronis Cyber Protect 15 prior to build 27009.
Acronis Cyber Protect
Acronis Cyber Protect 15
7.5
CVSSv3
CVE-2020-35556
An issue exists in Acronis Cyber Protect prior to 15 Update 1 build 26172. Because the local notification service misconfigures CORS, information disclosure can occur.
Acronis Cyber Protect
Acronis Cyber Protect 15
7.8
CVSSv3
CVE-2022-30697
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Snap Deploy (Windows) before build 3640
Acronis Snap Deploy 6
Acronis Snap Deploy
7.8
CVSSv3
CVE-2023-2355
Local privilege escalation due to a DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy (Windows) before build 3900.
Acronis Snap Deploy 6
Acronis Snap Deploy
6.1
CVSSv3
CVE-2020-35664
An issue exists in Acronis Cyber Protect prior to 15 Update 1 build 26172. There is cross-site scripting (XSS) in the console.
Acronis Cyber Protect
Acronis Cyber Protect 15
7.8
CVSSv3
CVE-2022-30695
Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Snap Deploy (Windows) before build 3640
Acronis Snap Deploy 6
Acronis Snap Deploy
7.8
CVSSv3
CVE-2022-30696
Local privilege escalation due to a DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy (Windows) before build 3640
Acronis Snap Deploy 6
Acronis Snap Deploy
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »