How severe is CVE-2025-57788?

CVE-2025-57788 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2025-57788

Name: commvault
Author: commvault

6.5MEDIUM

A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. RBAC helps limit the exposure but does not eliminate risk.

Veröffentlicht: 8/20/2025Aktualisiert: 9/10/2025

Beschreibung

A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. RBAC helps limit the exposure but does not eliminate risk.

KI-AnalyseKI-gestützt

Betroffene Produkte

commvaultcommvault

Referenzen

https://documentation.commvault.com/securityadvisories/CV_2025_08_3.html
Vendor Advisory
https://labs.watchtowr.com/guess-who-would-be-stupid-enough-to-rob-the-same-vault-twice-pre-auth-rce-chains-in-commvault/#wt-2025-0047hardcoded-credentials
ExploitThird Party Advisory