Article ID: 54378
Article Type: Technical Reference
Last Modified:
CVE-2018-10115 and MS-ISAC Advisory number 2018-049 report a vulnerability in 7-Zip 18.03 and earlier versions. (7-Zip is a free and open-source file archiver.) The vulnerability might allow remote hackers to execute arbitrary code when data is extracted from RAR files.
Commvault software uses 7-Zip binaries. However, Commvault software does not use RAR compression and does not allow remote execution of the 7-Zip binaries.
All versions of Commvault V10 and V11 are unaffected by this vulnerability.