Acronis Cyber Protect 15
Approved changes feed: RSS · Atom
cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*
part: a version: 15 update: -
| Vendor | Acronis (d64000ef-8c61-5ba5-86d7-61c680cdcd75) |
|---|---|
| Product | Cyber Protect (1ac31a90-da9c-5f08-8f9b-127a23b1d233) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-30416 |
vulnerable | 2026-06-03 15:00:28.266967 |
Details available
CRITICAL (10)
Sensitive data disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.
Published: 2026-02-20T00:31:27.426Z
Updated: 2026-02-26T14:44:13.675Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-30412 |
vulnerable | 2026-06-03 15:00:28.260619 |
Details available
CRITICAL (10)
Sensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.
Published: 2026-02-20T00:30:33.503Z
Updated: 2026-02-26T14:44:13.951Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-30411 |
vulnerable | 2026-06-03 15:00:28.249456 |
Details available
CRITICAL (10)
Sensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.
Published: 2026-02-20T00:30:14.748Z
Updated: 2026-02-26T14:44:14.096Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44207 |
vulnerable | 2026-06-03 14:53:05.670768 |
Details available
MEDIUM (6.7)
Stored cross-site scripting (XSS) vulnerability in protection plan name. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
Published: 2023-09-27T12:02:27.141Z
Updated: 2024-09-23T20:08:36.611Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44206 |
vulnerable | 2026-06-03 14:53:05.670134 |
Details available
HIGH (7.1)
Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
Published: 2023-09-27T12:02:16.923Z
Updated: 2024-09-23T20:13:38.682Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44205 |
vulnerable | 2026-06-03 14:53:05.666064 |
Details available
LOW (3.5)
Sensitive information disclosure due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
Published: 2023-09-27T12:01:46.915Z
Updated: 2024-09-23T18:06:49.914Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44161 |
vulnerable | 2026-06-03 14:53:05.114114 |
Details available
LOW (3.1)
Sensitive information manipulation due to cross-site request forgery. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
Published: 2023-09-27T12:01:35.358Z
Updated: 2024-09-23T18:07:11.537Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44160 |
vulnerable | 2026-06-03 14:53:05.113612 |
Details available
LOW (3.1)
Sensitive information manipulation due to cross-site request forgery. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
Published: 2023-09-27T12:01:23.677Z
Updated: 2024-08-02T19:59:50.995Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44159 |
vulnerable | 2026-06-03 14:53:05.113081 |
Details available
MEDIUM (5.5)
Sensitive information disclosure due to cleartext storage of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
Published: 2023-09-27T12:02:06.679Z
Updated: 2024-09-23T18:06:19.272Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44158 |
vulnerable | 2026-06-03 14:53:05.112563 |
Details available
LOW (3.5)
Sensitive information disclosure due to insufficient token field masking. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
Published: 2023-09-27T12:01:12.850Z
Updated: 2024-09-23T18:07:34.572Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44157 |
vulnerable | 2026-06-03 14:53:05.112050 |
Details available
LOW (3.3)
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 35979.
Published: 2023-09-27T12:01:02.383Z
Updated: 2024-09-23T18:08:04.787Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44156 |
vulnerable | 2026-06-03 14:53:05.111558 |
Details available
MEDIUM (5.7)
Sensitive information disclosure due to spell-jacking. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
Published: 2023-09-27T12:01:56.823Z
Updated: 2024-09-23T18:06:33.949Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44155 |
vulnerable | 2026-06-03 14:53:05.110887 |
Details available
MEDIUM (4.4)
Sensitive information leak through log files. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
Published: 2023-09-27T12:00:50.339Z
Updated: 2024-09-23T18:11:04.492Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44154 |
vulnerable | 2026-06-03 14:53:05.110254 |
Details available
MEDIUM (4.6)
Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
Published: 2023-09-27T12:00:34.428Z
Updated: 2024-09-23T19:26:20.584Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44153 |
vulnerable | 2026-06-03 14:53:05.109654 |
Details available
LOW (2.2)
Sensitive information disclosure due to cleartext storage of sensitive information in memory. The following products are affected: Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.
Published: 2023-09-27T12:00:09.210Z
Updated: 2024-09-23T19:26:52.210Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44152 |
vulnerable | 2026-06-03 14:53:05.106087 |
Details available
MEDIUM (6.1)
Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.
Published: 2023-09-27T11:59:56.524Z
Updated: 2024-09-23T18:11:17.766Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-41749 |
vulnerable | 2026-06-03 14:52:52.290305 |
Details available
MEDIUM (4.4)
Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Agent (Windows) before build 32047, Acronis Cyber Protect 15 (Windows) before build 35979.
Published: 2023-08-31T20:17:55.126Z
Updated: 2024-09-26T20:44:01.039Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-41745 |
vulnerable | 2026-06-03 14:52:52.283076 |
Details available
MEDIUM (6.1)
Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30991, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.
Published: 2023-08-31T17:16:56.516Z
Updated: 2024-09-27T14:16:25.438Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-41744 |
vulnerable | 2026-06-03 14:52:52.282459 |
Details available
HIGH (7.8)
Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Agent (macOS) before build 30600, Acronis Cyber Protect 15 (macOS) before build 35979.
Published: 2023-08-31T15:14:13.720Z
Updated: 2024-10-01T17:25:21.815Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-41743 |
vulnerable | 2026-06-03 14:52:52.272133 |
Details available
HIGH (8.8)
Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis Cyber Protect Cloud Agent (Windows) before build 31637, Acronis Cyber Protect 15 (Windows) before build 35979, Acronis True Image OEM (Windows) before build 42575.
Published: 2023-08-31T15:04:10.802Z
Updated: 2026-04-10T13:15:35.617Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-41742 |
vulnerable | 2026-06-03 14:52:52.267191 |
Details available
MEDIUM (4.3)
Excessive attack surface due to binding to an unrestricted IP address. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30430, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.
Published: 2023-08-31T14:27:28.948Z
Updated: 2024-09-27T14:17:36.928Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-45459 |
vulnerable | 2026-06-03 14:48:24.265963 |
Details available
LOW (3.8)
Sensitive information disclosure due to insecure registry permissions. The following products are affected: Acronis Agent (Windows) before build 30025, Acronis Cyber Protect 15 (Windows) before build 30984.
Published: 2023-05-18T09:26:22.045Z
Updated: 2025-01-22T16:18:57.514Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-45458 |
vulnerable | 2026-06-03 14:48:24.265435 |
Details available
MEDIUM (4.2)
Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent (Windows, macOS, Linux) before build 29633, Acronis Cyber Protect 15 (Windows, macOS, Linux) before build 30984.
Published: 2023-05-18T09:25:04.232Z
Updated: 2025-01-22T14:43:05.998Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-45457 |
vulnerable | 2026-06-03 14:48:24.264920 |
Details available
MEDIUM (4.2)
Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent (Windows) before build 29633, Acronis Cyber Protect 15 (Windows) before build 30984.
Published: 2023-05-18T09:23:51.453Z
Updated: 2025-01-22T14:43:42.077Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-45455 |
vulnerable | 2026-06-03 14:48:24.259803 |
Details available
MEDIUM (6.6)
Local privilege escalation due to incomplete uninstallation cleanup. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107, Acronis Agent (Windows) before build 30025, Acronis Cyber Protect 15 (Windows) before build 30984.
Published: 2023-02-13T09:27:01.356Z
Updated: 2025-03-21T14:48:25.891Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-45454 |
vulnerable | 2026-06-03 14:48:24.259304 |
Details available
LOW (2.2)
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Agent (Windows) before build 30161, Acronis Cyber Protect 15 (Windows) before build 30984.
Published: 2023-02-13T09:25:26.680Z
Updated: 2025-03-21T14:48:53.018Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-45453 |
vulnerable | 2026-06-03 14:48:24.258807 |
Details available
MEDIUM (5.3)
TLS/SSL weak cipher suites enabled. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 30984.
Published: 2023-05-18T09:19:10.914Z
Updated: 2025-01-22T14:45:54.838Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-45452 |
vulnerable | 2026-06-03 14:48:24.258343 |
Details available
HIGH (7.3)
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Agent (Windows) before build 30430, Acronis Cyber Protect 15 (Windows) before build 30984.
Published: 2023-05-18T09:21:55.932Z
Updated: 2025-01-22T14:44:25.933Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-45450 |
vulnerable | 2026-06-03 14:48:24.250035 |
Details available
MEDIUM (5.4)
Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 28610, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 30984.
Published: 2023-05-18T09:27:38.534Z
Updated: 2025-01-22T16:18:42.210Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-45449 |
vulnerable | 2026-06-03 14:48:24.245167 |
Details available
HIGH (7.7)
Sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 30984.
Published: 2024-07-16T14:47:21.100Z
Updated: 2024-08-03T14:17:00.910Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-3405 |
vulnerable | 2026-06-03 14:47:58.281118 |
Details available
CRITICAL (9.3)
Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545.
Published: 2023-05-03T10:49:47.642Z
Updated: 2025-02-03T18:23:43.444Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-30995 |
vulnerable | 2026-06-03 14:47:10.391900 |
Details available
CRITICAL (9.3)
Sensitive information disclosure due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545.
Published: 2023-05-03T10:50:45.883Z
Updated: 2025-01-30T15:19:32.564Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-30994 |
vulnerable | 2026-06-03 14:47:10.379245 |
Cleartext transmission of sensitive information
Cleartext transmission of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 29240
Published: 2022-05-18T19:41:32.839Z
Updated: 2024-09-17T02:06:03.286Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-30993 |
vulnerable | 2026-06-03 14:47:10.378595 |
Cleartext transmission of sensitive information
Cleartext transmission of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240
Published: 2022-05-18T19:42:02.470Z
Updated: 2024-09-17T04:20:12.370Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-30992 |
vulnerable | 2026-06-03 14:47:10.377933 |
Open redirect via user-controlled query parameter
Open redirect via user-controlled query parameter. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240
Published: 2022-05-18T19:42:45.904Z
Updated: 2024-09-16T19:10:09.912Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-30991 |
vulnerable | 2026-06-03 14:47:10.377451 |
HTML injection via report name
HTML injection via report name. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240
Published: 2022-05-18T19:43:14.157Z
Updated: 2024-09-17T01:46:35.314Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-30990 |
vulnerable | 2026-06-03 14:47:10.373695 |
Sensitive information disclosure due to insecure folder permissions
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15 (Linux) before build 29240, Acronis Agent (Linux) before build 28037
Published: 2022-05-18T19:38:04.964Z
Updated: 2024-09-17T03:49:05.176Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-24113 |
vulnerable | 2026-06-03 14:46:29.353303 |
Local privilege escalation due to excessive permissions assigned to child processes
Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
Published: 2022-02-04T22:29:30.215Z
Updated: 2024-09-16T19:57:01.189Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-44204 |
vulnerable | 2026-06-03 14:45:35.630932 |
Local privilege escalation via named pipe due to improper access control checks
Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
Published: 2022-02-04T22:29:33.071Z
Updated: 2024-09-17T01:12:21.982Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-44203 |
vulnerable | 2026-06-03 14:45:35.622785 |
Stored cross-site scripting (XSS) was possible in protection plan details
Stored cross-site scripting (XSS) was possible in protection plan details. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035
Published: 2021-11-29T18:19:01.156Z
Updated: 2024-09-16T22:45:05.734Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-44202 |
vulnerable | 2026-06-03 14:45:35.622358 |
Stored cross-site scripting (XSS) was possible in activity details
Stored cross-site scripting (XSS) was possible in activity details. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035
Published: 2021-11-29T18:19:06.652Z
Updated: 2024-09-17T00:35:33.222Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-44201 |
vulnerable | 2026-06-03 14:45:35.621910 |
Cross-site scripting (XSS) was possible in notification pop-ups
Cross-site scripting (XSS) was possible in notification pop-ups. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035
Published: 2021-11-29T18:18:51.474Z
Updated: 2024-09-17T01:36:52.438Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-44200 |
vulnerable | 2026-06-03 14:45:35.620056 |
Self cross-site scripting (XSS) was possible on devices page
Self cross-site scripting (XSS) was possible on devices page. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035
Published: 2021-11-29T18:19:18.256Z
Updated: 2024-09-16T22:36:09.882Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-44199 |
vulnerable | 2026-06-03 14:45:35.618516 |
DLL hijacking could lead to denial of service
DLL hijacking could lead to denial of service. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27305, Acronis Cyber Protect Home Office (Windows) before build 39612
Published: 2021-11-29T18:19:12.590Z
Updated: 2024-09-16T22:20:30.242Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-44198 |
vulnerable | 2026-06-03 14:45:35.614216 |
DLL hijacking could lead to local privilege escalation
DLL hijacking could lead to local privilege escalation. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035
Published: 2021-11-29T18:18:56.612Z
Updated: 2024-09-16T20:27:10.015Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-38088 |
vulnerable | 2026-06-03 14:45:01.335517 |
Details available
Acronis Cyber Protect 15 for Windows prior to build 27009 allowed local privilege escalation via binary hijacking.
Published: 2021-08-12T13:38:10.000Z
Updated: 2024-08-04T01:30:09.083Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-38087 |
vulnerable | 2026-06-03 14:45:01.335079 |
Details available
Reflected cross-site scripting (XSS) was possible on the login page in Acronis Cyber Protect 15 prior to build 27009.
Published: 2021-08-12T13:44:09.000Z
Updated: 2024-08-04T01:30:09.015Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-38086 |
vulnerable | 2026-06-03 14:45:01.333957 |
Details available
Acronis Cyber Protect 15 for Windows prior to build 27009 and Acronis Agent for Windows prior to build 26226 allowed local privilege escalation via DLL hijacking.
Published: 2021-08-12T13:42:45.000Z
Updated: 2024-08-04T01:30:09.048Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35664 |
vulnerable | 2026-06-03 14:42:32.149737 |
Details available
An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. There is cross-site scripting (XSS) in the console.
Published: 2021-02-22T02:13:33.000Z
Updated: 2024-08-04T17:09:14.593Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35556 |
vulnerable | 2026-06-03 14:42:32.017899 |
Details available
An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. Because the local notification service misconfigures CORS, information disclosure can occur.
Published: 2021-02-22T02:17:53.000Z
Updated: 2024-08-04T17:09:13.375Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.