A security vulnerability has been identified that allows remote attackers to perform unauthorized file system access through a path traversal issue. The vulnerability may lead to remote code execution.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Thu, 11 Sep 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 10 Sep 2025 16:00:00 +0000

Type Values Removed Values Added
Description An issue was discovered in Commvault before 11.36.60. A security vulnerability has been identified that allows remote attackers to perform unauthorized file system access through a path traversal issue. The vulnerability may lead to remote code execution. A security vulnerability has been identified that allows remote attackers to perform unauthorized file system access through a path traversal issue. The vulnerability may lead to remote code execution.

Thu, 21 Aug 2025 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Commvault commvault
CPEs cpe:2.3:a:commvault:commvault:*:*:*:*:*:*:*:*
Vendors & Products Commvault commvault
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


Thu, 21 Aug 2025 12:45:00 +0000

Type Values Removed Values Added
First Time appeared Commvault
Commvault commcell
Vendors & Products Commvault
Commvault commcell

Wed, 20 Aug 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 20 Aug 2025 03:45:00 +0000

Type Values Removed Values Added
Description An issue was discovered in Commvault before 11.36.60. A security vulnerability has been identified that allows remote attackers to perform unauthorized file system access through a path traversal issue. The vulnerability may lead to remote code execution.
Title Path Traversal Vulnerability
Weaknesses CWE-36
References
Metrics cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-09-11T14:03:15.394Z

Reserved: 2025-08-19T18:25:57.338Z

Link: CVE-2025-57790

cve-icon Vulnrichment

Updated: 2025-08-20T13:30:14.252Z

cve-icon NVD

Status : Modified

Published: 2025-08-20T04:16:04.090

Modified: 2025-09-10T16:15:40.543

Link: CVE-2025-57790

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-08-21T12:31:31Z