CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34015
https://notcve.org/view.php?id=CVE-2024-34015
Sensitive information disclosure during file browsing due to improper soft link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 818. Sensitive information disclosure during file browsing due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 818. • https://security-advisory.acronis.com/advisories/SEC-7601 • CWE-61: UNIX Symbolic Link (Symlink) Following •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-34014
https://notcve.org/view.php?id=CVE-2024-34014
Arbitrary file overwrite during recovery due to improper soft link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 818, Acronis Backup extension for Plesk (Linux) before build 599, Acronis Backup plugin for DirectAdmin (Linux) before build 181. Arbitrary file overwrite during recovery due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 818, Acronis Backup extension for Plesk (Linux) before build 599, Acronis Backup plugin for DirectAdmin (Linux) before build 181. • https://security-advisory.acronis.com/advisories/SEC-7592 • CWE-61: UNIX Symbolic Link (Symlink) Following •
CVSS: 5.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49386
https://notcve.org/view.php?id=CVE-2024-49386
Sensitive information disclosure due to spell-jacking. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. Divulgación de información confidencial debido a la piratería de hechizos. Los siguientes productos se ven afectados: Acronis Cyber Files (Windows) antes de la compilación 9.0.0x24. • https://security-advisory.acronis.com/advisories/SEC-5129 • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49389
https://notcve.org/view.php?id=CVE-2024-49389
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. Escalada de privilegios locales debido a permisos de carpetas inseguros. Los siguientes productos se ven afectados: Acronis Cyber Files (Windows) antes de la compilación 9.0.0x24. • https://security-advisory.acronis.com/advisories/SEC-5319 • CWE-276: Incorrect Default Permissions •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49390
https://notcve.org/view.php?id=CVE-2024-49390
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. Escalada de privilegios locales debido a una vulnerabilidad de secuestro de DLL. Los siguientes productos están afectados: Acronis Cyber Files (Windows) antes de la compilación 9.0.0x24. • https://security-advisory.acronis.com/advisories/SEC-5845 • CWE-427: Uncontrolled Search Path Element •