- Advisory ID: CV_2025_06_4
- Issued: 2025-06-06
- Updated: 2025-06-06
The application's authorization schema allows users without associated entities or user groups to access certain restricted pages. While UI access controls can be bypassed, the application has built-in validations that limit the ability to perform unauthorized actions.
CVSS Score: 0.0
Acknowledgments:
We thank NCIA researchers for responsibly disclosing this issue.
Impacted Products
This vulnerability does not affect Commvault products.
Resolution
None