How severe is CVE-2025-57788?

CVE-2025-57788 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2025-57788

Name: commvault
Author: commvault

6.5MEDIUM

A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. RBAC helps limit the exposure but does not eliminate risk.

Publicado: 8/20/2025Atualizado: 9/10/2025

Descrição

A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. RBAC helps limit the exposure but does not eliminate risk.

Análise IADesenvolvido por IA

Produtos Afetados

commvaultcommvault

Referências

https://documentation.commvault.com/securityadvisories/CV_2025_08_3.html
Vendor Advisory
https://labs.watchtowr.com/guess-who-would-be-stupid-enough-to-rob-the-same-vault-twice-pre-auth-rce-chains-in-commvault/#wt-2025-0047hardcoded-credentials
ExploitThird Party Advisory