CVE-2025-57791

Medium CVSS: 6.9

A security vulnerability has been identified that allows remote attackers to inject or manipulate command-line arguments passed to internal components due to insufficient input validation. Successful exploitation results in a valid user session for a low privilege role.

Vendor

Commvault

Product

Commvault

CWE

CWE-88

Yayın Tarihi

2025-08-20 04:16:04

Güncelleme

2025-09-10 16:15:40

Source Identifier

050066fd-a2f9-4f32-ab5d-4c53f48bc333

KEV Date Added

Kategoriler

CWE-88 Commvault MEDIUM Commvault 2025

Referanslar

https://documentation.commvault.com/securityadvisories/CV_2025_08_1.html

Benzer Kayıtlar

Low

CVE-2025-12776

The Report Builder component of the application stores user input directly in a web page and displays it to other users,…

High

CVE-2025-57790

A security vulnerability has been identified that allows remote attackers to perform unauthorized file system access thr…

Medium

CVE-2025-57788

A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user…

Medium

CVE-2025-57789

During the brief window between installation and the first administrator login, remote attackers may exploit the default…

High

CVE-2025-3928

Commvault Web Server has an unspecified vulnerability that can be exploited by a remote, authenticated attacker. Accordi…

Critical

CVE-2025-34028

The Commvault Command Center Innovation Release allows an unauthenticated actor to upload ZIP files that represent insta…