SB2021112404 - Multiple vulnerabilities in Commvault CommCell

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2021112404

SB2021112404 - Multiple vulnerabilities in Commvault CommCell

Published: November 24, 2021

Security Bulletin ID SB2021112404
Severity
High
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 20% Medium 80%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Improper Authentication (CVE-ID: CVE-2021-34993)

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests within the CVSearchService service. A remote attacker can bypass authentication process and gain unauthorized access to the application.


2) Arbitrary file upload (CVE-ID: CVE-2021-34997)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to insufficient validation of file during file upload within the AppStudioUploadHandler class. A remote authenticated attacker can upload a malicious file and execute it on the server.


3) Code Injection (CVE-ID: CVE-2021-34996)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation within the Demo_ExecuteProcessOnGroup workflow. A remote authenticated attacker can send a specially crafted request and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


4) Code Injection (CVE-ID: CVE-2021-34994)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation of a user-supplied string before executing it as JavaScript code within the DataProvider class. A remote authenticated attacker can send a specially crafted request and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


5) Arbitrary file upload (CVE-ID: CVE-2021-34995)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to insufficient validation of file during file upload within the DownloadCenterUploadHandler class. A remote authenticated attacker can upload a malicious file and execute it on the server.


Remediation

Install update from vendor's website.

References