CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-45453
https://notcve.org/view.php?id=CVE-2022-45453
TLS/SSL weak cipher suites enabled. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 30984. • https://security-advisory.acronis.com/advisories/SEC-5112 • CWE-310: Cryptographic Issues CWE-326: Inadequate Encryption Strength •
CVSS: 9.3EPSS: 0%CPEs: 21EXPL: 0CVE-2022-30995
https://notcve.org/view.php?id=CVE-2022-30995
Sensitive information disclosure due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545. • https://security-advisory.acronis.com/advisories/SEC-3855 • CWE-287: Improper Authentication •
CVSS: 9.3EPSS: 0%CPEs: 21EXPL: 1CVE-2022-3405
https://notcve.org/view.php?id=CVE-2022-3405
Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545. • https://herolab.usd.de/security-advisories/usd-2022-0008 https://security-advisory.acronis.com/advisories/SEC-4092 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-2360
https://notcve.org/view.php?id=CVE-2023-2360
Sensitive information disclosure due to CORS misconfiguration. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.2.0-135. • https://security-advisory.acronis.com/advisories/SEC-4215 • CWE-942: Permissive Cross-domain Policy with Untrusted Domains •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-2355
https://notcve.org/view.php?id=CVE-2023-2355
Local privilege escalation due to a DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy (Windows) before build 3900. • https://security-advisory.acronis.com/advisories/SEC-4048 • CWE-427: Uncontrolled Search Path Element •