Commvault Communication Service (CVD) Command Injection Vulnerability

Article ID: 54360

Article Type: Technical Reference

Last Modified:

A vulnerability exists in the cvd.exe service that allows an attacker to execute arbitrary commands in the context of the service. MetaSploit identification of vulnerability is reported here.

This vulnerability was addressed in Service Pack 7 for Commvault software Version 11, and Service Pack 15 for Version 10. Commvault software administrators are encouraged to install the service packs listed above or the latest available service pack for the applicable software version.

1 Commvault Way, Tinton Falls, NJ 07724 Sitemap | Legal Notices | Trademarks | Privacy Policy
Copyright © 2022 Commvault | All Rights Reserved.