Vulnerabilities > Commvault
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-13 | CVE-2021-34993 | Improper Authentication vulnerability in Commvault Commcell 11.22.22 This vulnerability allows remote attackers to bypass authentication on affected installations of Commvault CommCell 11.22.22. | 9.8 |
| 2022-01-13 | CVE-2021-34994 | Code Injection vulnerability in Commvault Commcell 11.22.22 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. | 8.8 |
| 2022-01-13 | CVE-2021-34995 | Unrestricted Upload of File with Dangerous Type vulnerability in Commvault Commcell 11.22.22 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. | 8.8 |
| 2022-01-13 | CVE-2021-34996 | Unspecified vulnerability in Commvault Commcell 11.22.22 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. | 8.8 |
| 2022-01-13 | CVE-2021-34997 | Unrestricted Upload of File with Dangerous Type vulnerability in Commvault Commcell 11.22.22 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. | 8.8 |
| 2020-10-29 | CVE-2020-25780 | Path Traversal vulnerability in Commvault Commcell 11.22/11.22.22 In CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x before 18.13, Directory Traversal can occur such that an attempt to view a log file can instead view a file outside of the log-files folder. | 7.5 |
| 2018-01-19 | CVE-2017-18044 | OS Command Injection vulnerability in Commvault 11.0 A Command Injection issue was discovered in ContentStore/Base/CVDataPipe.dll in Commvault before v11 SP6. | 9.8 |
| 2017-12-16 | CVE-2017-3195 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Commvault Edge 11.0.0 Commvault Edge Communication Service (cvd) prior to version 11 SP7 or version 11 SP6 with hotfix 590 is prone to a stack-based buffer overflow vulnerability that could lead to arbitrary code execution with administrative privileges. | 9.8 |