cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-45449,https://securityvulnerability.io/vulnerability/CVE-2022-45449,Acronis Cyber Protect 15 Discloses Sensitive Information Due to Excessive Privileges,"A vulnerability exists in Acronis Cyber Protect 15 due to excessive privileges assigned to the Acronis Agent, which could potentially lead to sensitive information disclosure. This issue affects both Windows and Linux versions of the software prior to build 30984. Administrators and users should ensure they are using the latest version to mitigate risks associated with unauthorized access to confidential data.",Acronis,Acronis Cyber Protect 15,7.7,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-16T14:47:21.100Z,0
CVE-2023-44205,https://securityvulnerability.io/vulnerability/CVE-2023-44205,Sensitive Information Disclosure in Acronis Cyber Protect by Acronis,"A vulnerability exists in Acronis Cyber Protect 15 that allows for sensitive information disclosure due to improper authorization. This issue impacts versions of the software prior to build 35979, potentially exposing sensitive data to unauthorized users. It is crucial for users of the affected versions to update their software to mitigate this risk. For further details, refer to Acronis's security advisory at SEC-4321.",Acronis,Acronis Cyber Protect 15,3.5,LOW,0.0006300000241026282,false,,false,false,false,,,false,false,,2023-09-27T15:19:00.000Z,0
CVE-2023-44161,https://securityvulnerability.io/vulnerability/CVE-2023-44161,Sensitive Information Manipulation in Acronis Cyber Protect 15 by Acronis,"A vulnerability exists in Acronis Cyber Protect 15 that allows for sensitive information manipulation due to cross-site request forgery. Attackers could exploit this flaw to trick users into executing unintended actions within the application, potentially leading to unauthorized access to sensitive data. It is crucial for users to update to build 35979 or newer to mitigate this risk.",Acronis,Acronis Cyber Protect 15,3.1,LOW,0.00046999999904073775,false,,false,false,false,,,false,false,,2023-09-27T15:19:00.000Z,0
CVE-2023-44159,https://securityvulnerability.io/vulnerability/CVE-2023-44159,Sensitive Information Disclosure in Acronis Cyber Protect 15 by Acronis,"A security vulnerability has been identified in Acronis Cyber Protect 15, affecting both Linux and Windows platforms, due to the cleartext storage of sensitive information. This flaw can potentially expose confidential user data, compromising the integrity and confidentiality of stored information. Users are encouraged to update to build 35979 or later to mitigate the risks associated with this vulnerability. For more details, refer to the vendor advisory SEC-5787.",Acronis,Acronis Cyber Protect 15,5.5,MEDIUM,0.0013500000350177288,false,,false,false,false,,,false,false,,2023-09-27T15:19:00.000Z,0
CVE-2023-44156,https://securityvulnerability.io/vulnerability/CVE-2023-44156,Sensitive Information Disclosure in Acronis Cyber Protect 15,"The vulnerability presents a risk through sensitive information disclosure due to an issue known as spell-jacking. Affected users utilizing Acronis Cyber Protect 15 on Linux or Windows before build 35979 may be at risk, making it essential to upgrade to the latest version to mitigate potential exposures. For more information, refer to the official security advisory from Acronis.",Acronis,Acronis Cyber Protect 15,5.7,MEDIUM,0.0013500000350177288,false,,false,false,false,,,false,false,,2023-09-27T15:19:00.000Z,0
CVE-2023-44155,https://securityvulnerability.io/vulnerability/CVE-2023-44155,Sensitive Information Leak in Acronis Cyber Protect by Acronis,"A vulnerability exists in Acronis Cyber Protect 15, allowing sensitive information to be improperly logged in files. This issue affects both Linux and Windows versions prior to build 35979, potentially exposing confidential data to unauthorized access.",Acronis,Acronis Cyber Protect 15,4.4,MEDIUM,0.0013500000350177288,false,,false,false,false,,,false,false,,2023-09-27T15:19:00.000Z,0
CVE-2023-44158,https://securityvulnerability.io/vulnerability/CVE-2023-44158,Sensitive Information Disclosure in Acronis Cyber Protect Software Products,"A vulnerability exists in Acronis Cyber Protect 15 that allows for the disclosure of sensitive information due to inadequate masking of token fields. This flaw may expose potentially confidential data to unauthorized users, impacting the overall security posture of systems running affected versions of the software.",Acronis,Acronis Cyber Protect 15,3.5,LOW,0.0013500000350177288,false,,false,false,false,,,false,false,,2023-09-27T15:19:00.000Z,0
CVE-2023-44207,https://securityvulnerability.io/vulnerability/CVE-2023-44207,Stored Cross-Site Scripting Vulnerability in Acronis Cyber Protect by Acronis,"A vulnerability has been identified in Acronis Cyber Protect 15 that allows for stored cross-site scripting (XSS). This security flaw occurs when user-controlled input is improperly validated, potentially enabling an attacker to inject malicious scripts. Affected versions include Acronis Cyber Protect 15 on both Linux and Windows platforms prior to build 35979. Users are advised to upgrade to the latest build to mitigate security risks.",Acronis,Acronis Cyber Protect 15,6.7,MEDIUM,0.0005300000193528831,false,,false,false,false,,,false,false,,2023-09-27T15:19:00.000Z,0
CVE-2023-44153,https://securityvulnerability.io/vulnerability/CVE-2023-44153,Sensitive Information Disclosure in Acronis Cyber Protect 15 by Acronis,"Acronis Cyber Protect 15 has a vulnerability that enables attackers to access sensitive information due to the cleartext storage of data in memory. This affects versions prior to build 35979 across Linux, macOS, and Windows platforms. Organizations using affected versions are at risk of data leaks, which could lead to serious privacy concerns and operational disruptions.",Acronis,Acronis Cyber Protect 15,2.2,LOW,0.0013500000350177288,false,,false,false,false,,,false,false,,2023-09-27T15:19:00.000Z,0
CVE-2023-44154,https://securityvulnerability.io/vulnerability/CVE-2023-44154,Improper Authorization Vulnerability in Acronis Cyber Protect 15 by Acronis,"Acronis Cyber Protect 15 suffers from a vulnerability that enables sensitive information disclosure and manipulation due to improper authorization. This flaw could potentially allow unauthorized users access to sensitive data, posing a significant security risk. Affected versions include Acronis Cyber Protect 15 for both Linux and Windows platforms, prior to build 35979. Users are advised to update to the latest version to mitigate the risk associated with this vulnerability.",Acronis,Acronis Cyber Protect 15,4.6,MEDIUM,0.0006399999838322401,false,,false,false,false,,,false,false,,2023-09-27T15:19:00.000Z,0
CVE-2023-44157,https://securityvulnerability.io/vulnerability/CVE-2023-44157,Local Privilege Escalation in Acronis Cyber Protect by Acronis,"Acronis Cyber Protect 15 (Windows) is susceptible to local privilege escalation owing to insecure folder permissions. This vulnerability could allow a malicious actor to gain elevated privileges on the affected system, potentially compromising sensitive data and functionalities. Users are advised to update to build 35979 or later to mitigate this issue.",Acronis,Acronis Cyber Protect 15,3.3,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-09-27T15:19:00.000Z,0
CVE-2023-44160,https://securityvulnerability.io/vulnerability/CVE-2023-44160,Cross-Site Request Forgery Vulnerability in Acronis Cyber Protect 15,"A vulnerability in Acronis Cyber Protect 15 allows for sensitive information manipulation due to cross-site request forgery. This could potentially allow an attacker to trick a user into submitting unwanted actions on their behalf, impacting the integrity and confidentiality of user data. This issue affects both Linux and Windows versions of the product prior to build 35979. Affected users are advised to upgrade to the latest version to mitigate potential risks associated with this vulnerability.",Acronis,Acronis Cyber Protect 15,6.5,MEDIUM,0.00046999999904073775,false,,false,false,false,,,false,false,,2023-09-27T15:19:00.000Z,0
CVE-2023-44206,https://securityvulnerability.io/vulnerability/CVE-2023-44206,Sensitive Information Disclosure in Acronis Cyber Protect by Acronis,A vulnerability has been identified in Acronis Cyber Protect 15 that allows for sensitive information disclosure and manipulation due to improper authorization mechanisms. This issue affects both Linux and Windows versions prior to build 35979. Organizations utilizing these affected builds should apply necessary patches to mitigate risks associated with unauthorized access to sensitive data.,Acronis,Acronis Cyber Protect 15,7.1,HIGH,0.0013699999544769526,false,,false,false,false,,,false,false,,2023-09-27T15:19:00.000Z,0
CVE-2023-44152,https://securityvulnerability.io/vulnerability/CVE-2023-44152,Sensitive Information Disclosure in Acronis Cyber Protect 15 by Acronis,"A vulnerability exists in Acronis Cyber Protect 15 that allows for sensitive information disclosure and manipulation due to improper authentication. This affects various platforms including Linux, macOS, and Windows, prior to build 35979. If exploited, this vulnerability can expose sensitive user data and put organizations at risk, making timely patching essential.",Acronis,Acronis Cyber Protect 15,6.1,MEDIUM,0.0013699999544769526,false,,false,false,false,,,false,false,,2023-09-27T15:19:00.000Z,0
CVE-2023-41749,https://securityvulnerability.io/vulnerability/CVE-2023-41749,Sensitive Information Disclosure in Acronis Agent and Cyber Protect by Acronis,"The vulnerability involves excessive collection of sensitive system information by Acronis Agent and Acronis Cyber Protect, potentially exposing confidential data. Affected users are at risk of unauthorized access due to the inadequate handling of system information, which warrants immediate attention to safeguard their systems.",Acronis,"Acronis Agent,Acronis Cyber Protect 15",4.4,MEDIUM,0.0013500000350177288,false,,false,false,false,,,false,false,,2023-08-31T21:15:00.000Z,0
CVE-2023-41745,https://securityvulnerability.io/vulnerability/CVE-2023-41745,Sensitive Information Disclosure in Acronis Agent and Acronis Cyber Protect by Acronis,"The Acronis Agent and Acronis Cyber Protect products are prone to a vulnerability that allows for the excessive collection of system information, potentially leading to sensitive information disclosure. This issue affects multiple platforms including Linux, macOS, and Windows for both the Acronis Agent and Acronis Cyber Protect 15 software. Users are encouraged to upgrade to the latest builds to mitigate risks associated with this vulnerability.",Acronis,"Acronis Agent,Acronis Cyber Protect 15",6.1,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-08-31T18:15:00.000Z,0
CVE-2023-41744,https://securityvulnerability.io/vulnerability/CVE-2023-41744,Local Privilege Escalation in Acronis Cyber Protect for macOS,"A local privilege escalation vulnerability exists in Acronis Cyber Protect and Acronis Agent for macOS due to the unrestricted loading of unsigned libraries. This flaw could allow an attacker with local access to execute arbitrary code with elevated privileges, potentially compromising the security and integrity of the system. Users are advised to update to the latest builds to mitigate this risk.",Acronis,"Acronis Agent,Acronis Cyber Protect 15",7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-08-31T16:15:00.000Z,0
CVE-2023-41743,https://securityvulnerability.io/vulnerability/CVE-2023-41743,Local Privilege Escalation Vulnerability in Acronis Cyber Protect Products,"A local privilege escalation vulnerability exists within Acronis Cyber Protect products due to improper permissions set on driver communication ports. This flaw can potentially allow attackers to elevate their privileges, granting them greater access to the system than intended. The affected products include specific versions of Acronis Cyber Protect Home Office, Acronis Agent, and Acronis Cyber Protect 15 for Windows. Users are urged to update their software to the latest builds to mitigate this risk.",Acronis,"Acronis Cyber Protect Home Office,Acronis Agent,Acronis Cyber Protect 15",8.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-08-31T16:15:00.000Z,0
CVE-2023-41742,https://securityvulnerability.io/vulnerability/CVE-2023-41742,Excessive Vulnerability Binding in Acronis Agent and Cyber Protect Products,"This vulnerability arises from an excessive attack surface created by binding the affected products to an unrestricted IP address. This flawed configuration could allow unauthorized access and manipulation of data on these systems. Organizations utilizing Acronis Agent or Acronis Cyber Protect 15 should apply the latest updates to mitigate potential exploitation, as the earlier builds are susceptible to this security risk.",Acronis,"Acronis Agent,Acronis Cyber Protect 15",4.3,MEDIUM,0.001290000043809414,false,,false,false,false,,,false,false,,2023-08-31T15:15:00.000Z,0
CVE-2022-45451,https://securityvulnerability.io/vulnerability/CVE-2022-45451,Local Privilege Escalation in Acronis Cyber Protect Products,"A vulnerability exists in Acronis products that allows local privilege escalation due to insecure permissions on the driver communication port. This issue affects multiple versions of Acronis software, including Acronis Cyber Protect Home Office, Acronis Agent, and Acronis Cyber Protect 15. Users of these products are advised to update to the latest versions to mitigate this security risk. For more information, refer to Acronis advisory documents SEC-4858 and SEC-5487.",Acronis,"Acronis Cyber Protect Home Office,Acronis Agent,Acronis Cyber Protect 15",8.8,HIGH,0.0004199999966658652,false,,false,false,true,2022-12-15T19:16:20.000Z,true,false,false,,2023-08-31T14:43:49.464Z,0
CVE-2022-45450,https://securityvulnerability.io/vulnerability/CVE-2022-45450,Sensitive Information Exposure in Acronis Agent and Cyber Protect Products,"Acronis Agent and Acronis Cyber Protect 15 are susceptible to vulnerabilities that allow for sensitive information disclosure and manipulation due to improper authorization. This affects various platforms, including Linux, macOS, and Windows, before specified builds. It is critical to ensure your software is updated to the latest builds to mitigate potential risks associated with this vulnerability.",Acronis,"Acronis Agent,Acronis Cyber Protect 15",5.4,MEDIUM,0.0011599999852478504,false,,false,false,false,,,false,false,,2023-05-18T09:27:38.534Z,0
CVE-2022-45459,https://securityvulnerability.io/vulnerability/CVE-2022-45459,Sensitive Information Disclosure in Acronis Agent and Cyber Protect Products,"This vulnerability arises from insecure registry permissions in Acronis Agent and Acronis Cyber Protect, potentially allowing unauthorized access to sensitive information. Affected users running versions prior to build 30025 for Acronis Agent and build 30984 for Acronis Cyber Protect on Windows may face significant security risks. It is crucial to apply the necessary updates to mitigate this exposure.",Acronis,"Acronis Agent,Acronis Cyber Protect 15",3.8,LOW,0.0011599999852478504,false,,false,false,false,,,false,false,,2023-05-18T09:26:22.045Z,0
CVE-2022-45458,https://securityvulnerability.io/vulnerability/CVE-2022-45458,Improper Certification Validation in Acronis Agent and Cyber Protect by Acronis,"A vulnerability exists in Acronis Agent and Acronis Cyber Protect due to improper validation of certification which can lead to sensitive information disclosure and unauthorized manipulation of data. Applications affected include Acronis Agent for Windows, macOS, and Linux before build 29633, and Acronis Cyber Protect 15 for the same platforms before build 30984. Users are encouraged to update their software to mitigate the risks associated with this vulnerability.",Acronis,"Acronis Agent,Acronis Cyber Protect 15",4.2,MEDIUM,0.0011599999852478504,false,,false,false,false,,,false,false,,2023-05-18T09:25:04.232Z,0
CVE-2022-45457,https://securityvulnerability.io/vulnerability/CVE-2022-45457,Sensitive Information Disclosure in Acronis Agent and Acronis Cyber Protect,"This vulnerability involves sensitive information disclosure and manipulation due to improper certification validation in Acronis products. Affected versions include Acronis Agent for Windows prior to build 29633 and Acronis Cyber Protect 15 for Windows before build 30984, which may allow unauthorized access to sensitive data. Users are advised to update to the latest builds to mitigate these risks.",Acronis,"Acronis Agent,Acronis Cyber Protect 15",4.2,MEDIUM,0.0011599999852478504,false,,false,false,false,,,false,false,,2023-05-18T09:23:51.453Z,0
CVE-2022-45452,https://securityvulnerability.io/vulnerability/CVE-2022-45452,Local Privilege Escalation in Acronis Agent and Acronis Cyber Protect by Acronis,This vulnerability involves local privilege escalation caused by insecure folder permissions in Acronis software. Attackers may exploit these permissions to gain unauthorized access and potentially execute malicious code with elevated privileges. Affected versions include Acronis Agent (Windows) prior to build 30430 and Acronis Cyber Protect 15 (Windows) before build 30984.,Acronis,"Acronis Agent,Acronis Cyber Protect 15",7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-05-18T09:21:55.932Z,0