- Advisory ID: CV_2024_09_2
- Severity: MEDIUM
- Issued: 2024-09-25
- Updated: 2024-10-02
DLL injection vulnerability is possible when installing maintenance releases for Commvault products on Windows.
Impacted Products
| Product | Versions | Platforms | Resolved Versions | Status |
|---|---|---|---|---|
| Commvault | 11.36.0 | Windows | 11.36.15 | resolved |
| Commvault | 11.34.0 | Windows | 11.34.37 | resolved |
| Commvault | 11.32.0 | Windows | 11.32.65 | resolved |
| Commvault | 11.28.0 | Windows | 11.28.124 | resolved |
| Commvault | 11.20.0 | Windows | 11.20.202 | resolved |
Resolution
To fix this vulnerability, install the specified minimum maintenance release or higher version for the corresponding platform release.