Remote Command Execution Vulnerability in Commvault Edge Server
CVE-2015-7253

Currently unrated

Key Information:

Vendor: Commvault
Status: Edge Server
Vendor: CVE Published:; 4 November 2015

What is CVE-2015-7253?

The Web Console of Commvault Edge Server 10 R2 contains a vulnerability that allows remote attackers to execute arbitrary operating system commands. This can be achieved by sending specially crafted serialized data within a cookie, potentially compromising the security of the system and leading to unauthorized access.

References

http://www.kb.cert.org/vuls/id/866432

third-party-advisoryx_refsource_CERT-VN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 4, 2015
Vulnerability Reserved
Sep 18, 2015