Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cyber_protect
(Acronis)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 53 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-11-29 | CVE-2021-44198 | DLL hijacking could lead to local privilege escalation. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035 | Cyber_protect | 7.8 | ||
| 2021-11-29 | CVE-2021-44199 | DLL hijacking could lead to denial of service. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27305, Acronis Cyber Protect Home Office (Windows) before build 39612 | Agent, Cyber_protect, Cyber_protect_home_office | 5.5 | ||
| 2021-11-29 | CVE-2021-44200 | Self cross-site scripting (XSS) was possible on devices page. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035 | Cyber_protect | 5.4 | ||
| 2021-11-29 | CVE-2021-44201 | Cross-site scripting (XSS) was possible in notification pop-ups. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035 | Cyber_protect | 6.1 | ||
| 2021-11-29 | CVE-2021-44203 | Stored cross-site scripting (XSS) was possible in protection plan details. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035 | Cyber_protect | 5.4 | ||
| 2021-11-29 | CVE-2021-44202 | Stored cross-site scripting (XSS) was possible in activity details. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035 | Cyber_protect | 5.4 | ||
| 2021-08-12 | CVE-2021-38086 | Acronis Cyber Protect 15 for Windows prior to build 27009 and Acronis Agent for Windows prior to build 26226 allowed local privilege escalation via DLL hijacking. | Cyber_protect | 7.8 | ||
| 2021-08-12 | CVE-2021-38087 | Reflected cross-site scripting (XSS) was possible on the login page in Acronis Cyber Protect 15 prior to build 27009. | Cyber_protect | 6.1 | ||
| 2021-02-22 | CVE-2020-35556 | An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. Because the local notification service misconfigures CORS, information disclosure can occur. | Cyber_protect | 7.5 | ||
| 2021-02-22 | CVE-2020-35664 | An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. There is cross-site scripting (XSS) in the console. | Cyber_protect | 6.1 |