Unauthorized API Access Risk
Summary
A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. RBAC helps limit the exposure but does not eliminate risk.CVSS Score: 6.9 Medium Commvault Software The following versions are impacted. Versions that are not listed are either out of support or unaffected. To view version support lifecyle, see Platform Release Schedule and Lifecycles. Product Platforms Affected Versions Resolved Version Status Commvault Linux, Windows 11.32.0 - 11.32.101 11.32.102 Resolved Commvault Linux, Windows 11.36.0 - 11.36.59 11.36.60 Resolved
- Affected Versions
- 11.32.0 - 11.32.101
- 11.36.0 - 11.36.59
Official advisory · high-confidence parse· fetched 6 hours ago·verify at source
- 11.32.102
- 11.36.60
Official advisory · high-confidence parse· fetched 6 hours ago·verify at source
Mitigation checklist
- Install the listed maintenance release (or a more recent one) for your feature release: 11.32.102, 11.36.60.
Official advisory · high-confidence parse· fetched 6 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.