Описание
During the brief window between installation and the first administrator login, remote attackers may exploit the default credential to gain admin control. This is limited to the setup phase, before any jobs have been configured.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 11.36.60 (исключая)
cpe:2.3:a:commvault:commvault:*:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.03902
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-257
Связанные уязвимости
CVSS3: 5.4
github
28 дней назад
An issue was discovered in Commvault before 11.36.60. During the brief window between installation and the first administrator login, remote attackers may exploit the default credential to gain admin control. This is limited to the setup phase, before any jobs have been configured.
EPSS
Процентиль: 88%
0.03902
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-257