logo

Security Advisories

Documentation Cloud Services Solutions
< Back

CV_2024_09_2: DLL Injection Vulnerability in the Software Installation Path MEDIUM

  • Advisory ID: CV_2024_09_2
  • Severity: MEDIUM
  • Issued: 2024-09-25
  • Updated: 2024-10-02

DLL injection vulnerability is possible when installing maintenance releases for Commvault products on Windows.

Impacted Products

Product Platforms Affected Versions Resolved Version Status
Commvault Windows 11.36.0 11.36.15 Resolved
Commvault Windows 11.34.0 11.34.37 Resolved
Commvault Windows 11.32.0 11.32.65 Resolved
Commvault Windows 11.28.0 11.28.124 Resolved
Commvault Windows 11.20.0 11.20.202 Resolved

Resolution

To fix this vulnerability, install the specified minimum maintenance release or higher version for the corresponding platform release.

Documentation

https://documentation.commvault.com

< Back