Lucene search
K

207 matches found

GithubExploit
GithubExploit
added 2025/04/17 8:16 a.m.213 views

Exploit for Missing Authentication for Critical Function in Commvault

CVE-2025-34028 A Commvault Pre-Authenticated Remote Code Execu...

10CVSS10AI score0.97157EPSS
Exploits5
Positive Technologies
Positive Technologies
added 2025/04/11 12:0 a.m.3 views

PT-2025-17556

Name of the Vulnerable Software and Affected Versions Commvault Command Center Innovation Release versions 11.38.0 through 11.38.19 Description A path traversal vulnerability in Commvault Command Center Innovation Release allows an unauthenticated actor to upload ZIP files, which, when expanded b...

10CVSS9AI score0.97157EPSS
Exploits5References164
Tenable Nessus
Tenable Nessus
added 2025/03/13 12:0 a.m.32 views

Commvault Critical Webserver Vulnerability (CV_2025_03_1)

A critical webserver vulnerability exists in Commvault. A remote attacker can exploit this to execute arbitrary commands. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc...

8.8CVSS8.9AI score0.01932EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2025/03/07 12:0 a.m.4 views

VulnCheck KEV: CVE-2025-3928

Commvault Web Server contains an unspecified vulnerability that allows a remote, authenticated attacker to create and execute webshells...

8.8CVSS7.3AI score0.01932EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/02/24 12:0 a.m.3 views

PT-2025-17932 · Commvault · Commvault Web Server

Name of the Vulnerable Software and Affected Versions: Commvault Web Server versions prior to 11.20.217 Commvault Web Server versions prior to 11.28.141 Commvault Web Server versions prior to 11.32.89 Commvault Web Server versions prior to 11.36.46 Description: The Commvault Web Server has an...

9CVSS8.7AI score0.01932EPSS
Exploits0References130
VulnCheck KEV
VulnCheck KEV
added 2024/01/22 12:0 a.m.2 views

VulnCheck KEV: CVE-2021-34993

This vulnerability allows remote attackers to bypass authentication on affected installations of Commvault CommCell 11.22.22. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CVSearchService service. The issue results from the lack of proper...

9.8CVSS7.3AI score0.05424EPSS
Exploits0References1
OSV
OSV
added 2022/01/13 10:15 p.m.4 views

CVE-2021-34997

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS7.6AI score0.04248EPSS
Exploits0References1
OSV
OSV
added 2022/01/13 10:15 p.m.4 views

CVE-2021-34996

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS6.1AI score
Exploits0References1
OSV
OSV
added 2022/01/13 10:15 p.m.5 views

CVE-2021-34995

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS7.6AI score0.68864EPSS
Exploits0References1
NVD
NVD
added 2022/01/13 10:15 p.m.23 views

CVE-2021-34995

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS0.68864EPSS
Exploits0References1
NVD
NVD
added 2022/01/13 10:15 p.m.35 views

CVE-2021-34996

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

9CVSS0.82258EPSS
Exploits0References1
OSV
OSV
added 2022/01/13 10:15 p.m.3 views

CVE-2021-34993

This vulnerability allows remote attackers to bypass authentication on affected installations of Commvault CommCell 11.22.22. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CVSearchService service. The issue results from the lack of proper...

9.8CVSS5.8AI score0.05424EPSS
Exploits0References1
OSV
OSV
added 2022/01/13 10:15 p.m.3 views

CVE-2021-34994

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the DataProvider...

8.8CVSS6.1AI score0.05789EPSS
Exploits0References1
NVD
NVD
added 2022/01/13 10:15 p.m.33 views

CVE-2021-34994

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the DataProvider...

8.8CVSS0.05789EPSS
Exploits0References1
Prion
Prion
added 2022/01/13 10:15 p.m.24 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

9CVSS9AI score0.82258EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/01/13 10:15 p.m.19 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

6.5CVSS9AI score0.04248EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/01/13 10:15 p.m.17 views

Authentication flaw

This vulnerability allows remote attackers to bypass authentication on affected installations of Commvault CommCell 11.22.22. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CVSearchService service. The issue results from the lack of proper...

7.5CVSS9.6AI score0.05424EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/01/13 9:44 p.m.63 views

CVE-2021-34997

CVE-2021-34997 affects Commvault CommCell 11.22.22 (vulnerable versions include 11.22.x; fixed in 11.25+ per CNVD). Root cause: AppStudioUploadHandler validates user-supplied data inadequately, allowing arbitrary file uploads. This leads to remote code execution in the NETWORK SERVICE context. Ex...

8.8CVSS9AI score0.04248EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/01/13 9:44 p.m.45 views

CVE-2021-34997

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS9.2AI score0.04248EPSS
Exploits0References1
CVE
CVE
added 2022/01/13 9:44 p.m.52 views

CVE-2021-34996

CVE-2021-34996 affects Commvault CommCell 11.22.22, with a flaw in Demo_ExecuteProcessOnGroup that lets an attacker create a workflow to execute arbitrary commands as SYSTEM. Authentication bypass is possible; CVSS 3.1/8.8 (HIGH). Red Hat and CNVD note impact on versions prior to 11.25; upgrade t...

9CVSS9AI score0.82258EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder