3 advisories tracked · Commvault Cloud Security Advisories · checked automatically every minute
Pick your product and enter the exact software release it runs. We match it against the affected/fixed versions in Commvault's recent advisories.
Commvault Cloud Security Advisories
Polled by parsing the official Commvault security-advisories index (documentation.commvault.com), which lists every CV_YYYY_MM_N advisory with its CVEs and dates. Advisory pages are fetched for new items to extract severity, impacted products and the Feature Release / Maintenance Release fix table.
Visit Commvault security advisoriesA security vulnerability has been identified that allows remote attackers to perform unauthorized file system access through a path traversal issue. The vulnerability may lead to remote code execution.CVSS Score: 8.7 High Commvault Software The following versions are impacted. Versions that are not listed are either out of support or unaffected. To view version support lifecyle, see Platform Release Schedule and Lifecycles. Product Platforms Affected Versions Resolved Version Status Commvault Linux, Windows 11.32.0 - 11.32.101 11.32.102 Resolved Commvault Linux, Windows 11.36.0 - 11.36.59 11.36.60 Resolved
CVE.Org link: CVE-2025-3928 Save as PDF A vulnerability has been identified and remediated in all supported versions of the Commvault software. Webservers can be compromised through bad actors creating and executing webshells. Exploiting this vulnerability requires a bad actor to have authenticated user credentials within the Commvault Software environment. Unauthenticated access is not exploitable. For software customers, this means your environment must be: (i) accessible via the internet, (ii) compromised through an unrelated avenue, and (iii) accessed leveraging legitimate user credentials.
Local Privilege Escalation Vulnerability in Polkit's pkexec Utility