Описание
Commvault Edge Communication Service (cvd) prior to version 11 SP7 or version 11 SP6 with hotfix 590 is prone to a stack-based buffer overflow vulnerability that could lead to arbitrary code execution with administrative privileges.
Ссылки
- PatchVendor Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- PatchVendor Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:commvault:edge:11.0.0:*:*:*:*:*:*:*
cpe:2.3:a:commvault:edge:11.0.0:service_pack1:*:*:*:*:*:*
cpe:2.3:a:commvault:edge:11.0.0:service_pack2:*:*:*:*:*:*
cpe:2.3:a:commvault:edge:11.0.0:service_pack3:*:*:*:*:*:*
cpe:2.3:a:commvault:edge:11.0.0:service_pack4:*:*:*:*:*:*
cpe:2.3:a:commvault:edge:11.0.0:service_pack5:*:*:*:*:*:*
cpe:2.3:a:commvault:edge:11.0.0:service_pack6:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.46232
Средний
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-121
CWE-119
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
Commvault Edge Communication Service (cvd) prior to version 11 SP7 or version 11 SP6 with hotfix 590 is prone to a stack-based buffer overflow vulnerability that could lead to arbitrary code execution with administrative privileges.
CVSS3: 9.8
fstec
почти 9 лет назад
Уязвимость службы Communications Service программного средства резервного копирования данных Commvault Edge, вызванная переполнением буфера, позволяющая нарушителю выполнить произвольный код
EPSS
Процентиль: 98%
0.46232
Средний
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-121
CWE-119