Keep track of the latest security vulnerabilities across your infrastructure stack.
A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. RBAC helps limit the exposure but does not eliminate risk.CVSS Score: 6.9 Medium Commvault Software The following versions are impacted. Versions that are not listed are either out of support or unaffected. To view version support lifecyle, see Platform Release Schedule and Lifecycles. Product Platforms Affected Versions Resolved Version Status Commvault Linux, Windows 11.32.0 - 11.32.101 11.32.102 Resolved Commvault Linux, Windows 11.36.0 - 11.36.59 11.36.60 Resolved
Argument Injection Vulnerability in CommServe
Vulnerability in Initial Administrator Login Process
Save as PDF A security vulnerability has been identified in the CommServe and Web Server installation that allows a remote SQL Injection attack without authentication. Other installations in the same system are not compromised by this vulnerability.CVSS Score: 5.5
DLL Injection Vulnerability in the Software Installation Path
Security vulnerability in Windows access nodes that are used for file server data protection
Authentication Bypass Vulnerabilities on CVWebService Endpoint
Discuss the latest advisories, swap patch-day notes with other infra teams, and get support — straight from the people who run VulniPulse.
Join the communityIf you want to support server/domain costs, please donate below — much love ❤️
Donate