Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Commvault — Vulnerabilities & Security Advisories 16

Browse all 16 CVE security advisories affecting Commvault. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Commvault provides enterprise data management and backup solutions, serving as critical infrastructure for data protection and recovery. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, often stemming from authentication bypasses or insecure default configurations. While no major public security incidents have been widely reported, the 16 documented CVEs highlight potential risks in web interfaces and API endpoints. The platform's security posture emphasizes encryption and access controls, though organizations should regularly patch and audit deployments to mitigate exposure to known exploits targeting its backup and data management capabilities.

Top products by Commvault: CommCell Commvault Service Pack 6 Web Server Command Center Innovation Release Commvault for Windows WebConsole
CVE IDTitleCVSSSeverityPublished
CVE-2025-12776 Stored Cross-Site Scripting — WebConsoleCWE-79 5.4 -2026-01-07
CVE-2025-57791 Argument Injection Vulnerability in CommServe — CommCellCWE-88 8.8 -2025-08-20
CVE-2025-57790 Path Traversal Vulnerability — CommCellCWE-36 9.8 -2025-08-20
CVE-2025-57789 Vulnerability in Initial Administrator Login Process — CommCellCWE-257 8.1 -2025-08-20
CVE-2025-57788 Unauthorized API Access Risk — CommCellCWE-259 9.4 -2025-08-20
CVE-2024-13976 Commvault 11.20.0 - 11.36.0 Windows Maintenance Installer DLL Injection — Commvault for WindowsCWE-427 7.3 -2025-07-25
CVE-2024-13975 Commvault 11.20.0 - 11.36.0 Windows Access Nodes Compromise via Local File Server Agent Abuse — CommvaultCWE-269 6.7 -2025-07-25
CVE-2025-34136 Commvault CommServe Web Server Unauthenticated SQL Injection — CommvaultCWE-89 9.8 -2025-07-25
CVE-2025-3928 Commvault Web Server unspecified vulnerability — Web Server 8.8 High2025-04-25
CVE-2025-34028 Commvault Command Center Innovation Release <= 11.38.25 Unathenticated Install Package Path Traversal — Command Center Innovation ReleaseCWE-22 9.8 -2025-04-22
CVE-2021-34997 Commvault CommCell 代码问题漏洞 — CommCellCWE-434 8.8 -2022-01-13
CVE-2021-34996 Commvault CommCell 安全漏洞 — CommCellCWE-749 8.8 -2022-01-13
CVE-2021-34995 Commvault CommCell 代码问题漏洞 — CommCellCWE-434 8.8 -2022-01-13
CVE-2021-34994 Commvault CommCell 代码注入漏洞 — CommCellCWE-20 8.8 -2022-01-13
CVE-2021-34993 Commvault CommCell 授权问题漏洞 — CommCellCWE-287 9.8 -2022-01-13
CVE-2017-3195 Commvault Edge Communication Service 缓冲区错误漏洞 — Service Pack 6CWE-121 9.8 -2017-12-15

This page lists every published CVE security advisory associated with Commvault. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.