7 advisories tracked · Commvault Cloud Security Advisories · checked automatically every minute
Pick your product and enter the exact software release it runs. We match it against the affected/fixed versions in Commvault's recent advisories.
Commvault Cloud Security Advisories
Polled by parsing the official Commvault security-advisories index (documentation.commvault.com), which lists every CV_YYYY_MM_N advisory with its CVEs and dates. Advisory pages are fetched for new items to extract severity, impacted products and the Feature Release / Maintenance Release fix table.
Visit Commvault security advisoriesA vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. RBAC helps limit the exposure but does not eliminate risk.CVSS Score: 6.9 Medium Commvault Software The following versions are impacted. Versions that are not listed are either out of support or unaffected. To view version support lifecyle, see Platform Release Schedule and Lifecycles. Product Platforms Affected Versions Resolved Version Status Commvault Linux, Windows 11.32.0 - 11.32.101 11.32.102 Resolved Commvault Linux, Windows 11.36.0 - 11.36.59 11.36.60 Resolved
Argument Injection Vulnerability in CommServe
Vulnerability in Initial Administrator Login Process
Save as PDF A security vulnerability has been identified in the CommServe and Web Server installation that allows a remote SQL Injection attack without authentication. Other installations in the same system are not compromised by this vulnerability.CVSS Score: 5.5
DLL Injection Vulnerability in the Software Installation Path
Security vulnerability in Windows access nodes that are used for file server data protection
Authentication Bypass Vulnerabilities on CVWebService Endpoint