How severe is CVE-2025-57788?

CVE-2025-57788 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2025-57788

Name: commvault
Author: commvault

6.5MEDIUM

A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. RBAC helps limit the exposure but does not eliminate risk.

게시됨: 8/20/2025업데이트됨: 9/10/2025

설명

A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. RBAC helps limit the exposure but does not eliminate risk.

AI 분석AI 기반

영향받는 제품

commvaultcommvault

참조

https://documentation.commvault.com/securityadvisories/CV_2025_08_3.html
Vendor Advisory
https://labs.watchtowr.com/guess-who-would-be-stupid-enough-to-rob-the-same-vault-twice-pre-auth-rce-chains-in-commvault/#wt-2025-0047hardcoded-credentials
ExploitThird Party Advisory