Cloud manager

This hub aggregates every CVE we track for Cloud manager, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Cloud manager.

• CVE-2024-34012Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.24135.272.4.4Jun 14, 2024
• CVE-2023-41748Remote command execution due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203.9.8Aug 31, 2023
• CVE-2023-41747Sensitive information disclosure due to unauthenticated path traversal. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203.6.5Aug 31, 2023
• CVE-2023-41746Remote command execution due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203.9.8Aug 31, 2023
• CVE-2023-0421Cloud Manager <= 1.0 - Reflected XSS6.1May 8, 2023
• CVE-2021-45105Apache Log4j2 does not always protect from infinite recursion in lookup evaluation5.9Dec 18, 2021
• CVE-2021-42550RCE from attacker with configuration edit priviledges through JNDI lookup6.6Dec 16, 2021
• CVE-2021-44228Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpointsKEV10.0Dec 10, 2021
• CVE-2021-27002NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy.7.5Oct 11, 2021
• CVE-2021-26999NetApp Cloud Manager versions prior to 3.9.9 log sensitive information when an Active Directory connection fails. The logged information is available only to authenticated users. Customers with aut...4.3Aug 6, 2021
• CVE-2021-26998NetApp Cloud Manager versions prior to 3.9.9 log sensitive information that is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while ...4.3Aug 6, 2021
• CVE-2021-31807An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to achieve Denial of Service when delivering responses to HTTP Range requests. ...6.5Jun 8, 2021
• CVE-2021-31808An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy). A client sen...6.5May 27, 2021
• CVE-2021-31806An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy) via HTTP Rang...6.5May 27, 2021
• CVE-2021-28651An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving a request with the urn: scheme, the parser leaks a s...7.5May 27, 2021