CNNVD-202507-3285 Information

CNNVD ID

CNNVD-202507-3285

Related CVE

CVE-2025-34136

• CNNVD Published: 2025-07-25

Description (Chinese)

Commvault是美国Commvault公司的一个数据备份、恢复软件。 Commvault 11.32.0至11.32.93版本、11.36.0至11.36.51版本和11.38.0至11.38.19版本存在安全漏洞，该漏洞源于Web Server组件存在SQL注入漏洞。

Description (English)

Commvault is a data backup, recovery software for Comvault in the United States. There is a security loophole between 11.32.0 and 11.32.93, 11.36.0 to 11.36.51 and 11.38.0 to 11.38.19, which stems from the SQL injection gap in the Web Server component.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Commvault

Published

2025-07-25

Last Modified

2026-02-24

References

https://documentation.commvault.com/securityadvisories/CV_2025_04_2.html https://www.vulncheck.com/advisories/commvault-commserve-web-server-unauth-sqli https://access.redhat.com/security/cve/cve-2025-34136

Patch

https://documentation.commvault.com/securityadvisories/CV_2024_09_1.html