CVSS: 5.4EPSS: 0%CPEs: 6EXPL: 0CVE-2021-44200 – Self cross-site scripting (XSS) was possible on devices page
https://notcve.org/view.php?id=CVE-2021-44200
Self cross-site scripting (XSS) was possible on devices page. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035 Era posible una vulnerabilidad de tipo cross-site scripting (XSS) propio en la página de dispositivos. Los siguientes productos están afectados: Acronis Cyber Protect 15 (Windows, Linux) versiones anteriores a la compilación 28035 • https://security-advisory.acronis.com/advisories/SEC-2803 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-44199 – DLL hijacking could lead to denial of service
https://notcve.org/view.php?id=CVE-2021-44199
DLL hijacking could lead to denial of service. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27305, Acronis Cyber Protect Home Office (Windows) before build 39612 Un secuestro de DLL podía conllevar a una denegación de servicio. Los siguientes productos están afectados: Acronis Cyber Protect 15 (Windows) versiones anteriores a la compilación 28035, Acronis Agent (Windows) versiones anteriores a la compilación 27305, Acronis Cyber Protect Home Office (Windows) versiones anteriores a la compilación 39612 • https://security-advisory.acronis.com/advisories/SEC-2508 • CWE-427: Uncontrolled Search Path Element •
CVSS: 5.4EPSS: 0%CPEs: 6EXPL: 0CVE-2021-44202 – Stored cross-site scripting (XSS) was possible in activity details
https://notcve.org/view.php?id=CVE-2021-44202
Stored cross-site scripting (XSS) was possible in activity details. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035 Era posible una vulnerabilidad de tipo cross-site scripting (XSS) almacenado en los detalles de la actividad. Los siguientes productos están afectados: Acronis Cyber Protect 15 (Windows, Linux) versiones anteriores a la compilación 28035 • https://security-advisory.acronis.com/advisories/SEC-3283 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 6EXPL: 0CVE-2021-44203 – Stored cross-site scripting (XSS) was possible in protection plan details
https://notcve.org/view.php?id=CVE-2021-44203
Stored cross-site scripting (XSS) was possible in protection plan details. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035 Era posible una vulnerabilidad de tipo cross-site scripting (XSS) almacenado en los detalles del plan de protección. Los siguientes productos están afectados: Acronis Cyber Protect 15 (Windows, Linux) versiones anteriores a la compilación 28035 • https://security-advisory.acronis.com/advisories/SEC-3294 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-44198 – DLL hijacking could lead to local privilege escalation
https://notcve.org/view.php?id=CVE-2021-44198
DLL hijacking could lead to local privilege escalation. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035 Un secuestro de DLL podría conllevar a una escalada de privilegios local. Los siguientes productos están afectados: Acronis Cyber Protect 15 (Windows) versiones anteriores a la compilación 28035 • https://security-advisory.acronis.com/advisories/SEC-2128 • CWE-427: Uncontrolled Search Path Element •