logo

Security Advisories

Documentation Cloud Services Solutions
< Back

CV_2024_09_2: DLL Injection Vulnerability in the Software Installation Path MEDIUM

  • Advisory ID: CV_2024_09_2
  • Severity: MEDIUM
  • Issued: 2024-09-25
  • Updated: 2024-09-26

DLL injection vulnerability is possible when installing maintenance releases for Commvault products on Windows.

Impacted Products

Product Versions Platforms Resolved Versions Status
Commvault 11.36.0 Windows 11.36.15 resolved
Commvault 11.34.0 Windows 11.34.37 resolved
Commvault 11.32.0 Windows 11.32.65 resolved
Commvault 11.28.0 Windows 11.28.124 resolved
Commvault 11.20.0 Windows 11.20.202 resolved

Resolution

To fix this vulnerability, install the specified minimum maintenance release or higher version for the corresponding platform release.

Documentation

https://documentation.commvault.com

< Back