Improper Credential Validation in Commvault SecurityIQ for Cortex XSOAR and Cortex XSIAM
CVE-2026-0274
8.1HIGH
What is CVE-2026-0274?
A vulnerability exists in the Commvault SecurityIQ integration for Cortex XSOAR and Cortex XSIAM that allows an unauthenticated attacker to bypass credential validation controls. This flaw could enable unauthorized access and modification of sensitive resources, leading to potential data breaches and security incidents. Organizations using these integrations should evaluate their security posture and apply necessary mitigations to protect against unauthorized access.
Affected Version(s)
Cortex XSIAM CommvaultSecurityIQ Marketplace 1.1.0 < 1.2.0
Cortex XSOAR CommvaultSecurityIQ Marketplace 1.1.0 < 1.2.0
References
CVSS V4
Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved
Credit
our internal security research teams