CVSS: 8.1EPSS: 0%CPEs: 9EXPL: 0CVE-2023-44154
https://notcve.org/view.php?id=CVE-2023-44154
Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979. Divulgación y manipulación de información sensible por autorización indebida. Los siguientes productos se ven afectados: Acronis Cyber Protect 15 (Linux, Windows) antes de la build 35979. • https://security-advisory.acronis.com/advisories/SEC-2436 • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2023-44153
https://notcve.org/view.php?id=CVE-2023-44153
Sensitive information disclosure due to cleartext storage of sensitive information in memory. The following products are affected: Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979. Divulgación de información confidencial debido al almacenamiento en texto claro de información confidencial en la memoria. Los siguientes productos se ven afectados: Acronis Cyber Protect 15 (Linux, macOS, Windows) antes de la build 35979. • https://security-advisory.acronis.com/advisories/SEC-1994 • CWE-312: Cleartext Storage of Sensitive Information CWE-316: Cleartext Storage of Sensitive Information in Memory •
CVSS: 9.1EPSS: 0%CPEs: 10EXPL: 0CVE-2023-44152
https://notcve.org/view.php?id=CVE-2023-44152
Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979. Divulgación y manipulación de información sensible por autenticación inadecuada. Los siguientes productos se ven afectados: Acronis Cyber Protect 15 (Linux, macOS, Windows) antes de la build 35979. • https://security-advisory.acronis.com/advisories/SEC-1908 • CWE-287: Improper Authentication CWE-306: Missing Authentication for Critical Function •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-41749
https://notcve.org/view.php?id=CVE-2023-41749
Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Agent (Windows) before build 32047, Acronis Cyber Protect 15 (Windows) before build 35979. Divulgación de información sensible debido a la recopilación excesiva de información del sistema. Los siguientes productos se ven afectados: Acronis Agent (Windows) antes de la compilación 32047, Acronis Cyber ??Protect 15 (Windows) antes de la compilación 35979. • https://security-advisory.acronis.com/advisories/SEC-5287 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 10EXPL: 0CVE-2023-41745
https://notcve.org/view.php?id=CVE-2023-41745
Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30991, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979. • https://security-advisory.acronis.com/advisories/SEC-2008 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •