First published: Mon Nov 29 2021(Updated: )
Self cross-site scripting (XSS) was possible on devices page. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035
Credit: security@acronis.com security@acronis.com
Affected Software | Affected Version | How to fix |
---|---|---|
Acronis Cyber Protect | <15 | |
Acronis Cyber Protect | =15 | |
Acronis Cyber Protect | =15-update1 | |
Acronis Cyber Protect | =15-update2 | |
Linux Linux kernel | ||
Microsoft Windows | ||
All of | ||
Any of | ||
Acronis Cyber Protect | <15 | |
Acronis Cyber Protect | =15 | |
Acronis Cyber Protect | =15-update1 | |
Acronis Cyber Protect | =15-update2 | |
Any of | ||
Linux Linux kernel | ||
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-44200 refers to a vulnerability that allows for self cross-site scripting (XSS) on the devices page of Acronis Cyber Protect 15 (Windows, Linux) before build 28035.
CVE-2021-44200 affects Acronis Cyber Protect 15 (Windows, Linux) before build 28035 by enabling self cross-site scripting (XSS) on the devices page.
The severity of CVE-2021-44200 is medium with a CVSS score of 5.4.
To fix CVE-2021-44200 on Acronis Cyber Protect, make sure to update to build 28035 or a later version.
You can find more information about CVE-2021-44200 on the Acronis Security Advisory website: https://security-advisory.acronis.com/advisories/SEC-2803