exploitDog

GHSA-w78r-f8w4-qxcq

Опубликовано: 20 авг. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 6.9

CVSS3: 6.5

Описание

An issue was discovered in Commvault before 11.36.60. A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. RBAC helps limit the exposure but does not eliminate risk.

An issue was discovered in Commvault before 11.36.60. A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. RBAC helps limit the exposure but does not eliminate risk.

Ссылки

EPSS

Процентиль: 85%

0.02625

Низкий

6.9 Medium

CVSS4

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-259

Связанные уязвимости

CVE-2025-57788

CVSS3: 6.5

nvd

28 дней назад

A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. RBAC helps limit the exposure but does not eliminate risk.

EPSS

Процентиль: 85%

0.02625

Низкий

6.9 Medium

CVSS4

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-259