CVE-2025-57789

Medium CVSS: 5.3

During the brief window between installation and the first administrator login, remote attackers may exploit the default credential to gain admin control. This is limited to the setup phase, before any jobs have been configured.

Vendor

Commvault

Product

Commvault

CWE

CWE-257

Yayın Tarihi

2025-08-20 04:16:03

Güncelleme

2025-09-10 16:15:40

Source Identifier

050066fd-a2f9-4f32-ab5d-4c53f48bc333

KEV Date Added

Kategoriler

CWE-257 Commvault MEDIUM Commvault 2025

Referanslar

https://documentation.commvault.com/securityadvisories/CV_2025_08_4.html

Benzer Kayıtlar

Low

CVE-2025-12776

The Report Builder component of the application stores user input directly in a web page and displays it to other users,…

High

CVE-2025-57790

A security vulnerability has been identified that allows remote attackers to perform unauthorized file system access thr…

Medium

CVE-2025-57791

A security vulnerability has been identified that allows remote attackers to inject or manipulate command-line arguments…

Medium

CVE-2025-57788

A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user…

High

CVE-2025-3928

Commvault Web Server has an unspecified vulnerability that can be exploited by a remote, authenticated attacker. Accordi…

Critical

CVE-2025-34028

The Commvault Command Center Innovation Release allows an unauthenticated actor to upload ZIP files that represent insta…