CVE-2025-57789

An issue was discovered in Commvault before 11.36.60. During the brief window between installation and the first administrator login, remote attackers may exploit the default credential to gain admin control. This is limited to the setup phase, before any jobs have been configured.

CVSS v3 5.4 MEDIUM

5.4^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://documentation.commvault.com/securityadvisories/CV_2025_08_4.html	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:commvault:commvault:*:*:*:*:*:*:*:*

History

21 Aug 2025, 14:40

Type	Values Removed	Values Added
CPE		cpe:2.3:a:commvault:commvault::::::::
References	~~() https://documentation.commvault.com/securityadvisories/CV_2025_08_4.html -~~	() https://documentation.commvault.com/securityadvisories/CV_2025_08_4.html - Vendor Advisory
First Time		Commvault Commvault commvault
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.4

20 Aug 2025, 14:39

Type	Values Removed	Values Added
Summary		(es) Se detectó un problema en Commvault antes de la versión 11.36.60. Durante el breve periodo entre la instalación y el primer inicio de sesión del administrador, atacantes remotos podrían explotar las credenciales predeterminadas para obtener el control administrativo. Esto se limita a la fase de configuración, antes de configurar cualquier tarea.

20 Aug 2025, 04:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-20 04:16

Updated : 2025-08-21 14:40

NVD link : CVE-2025-57789

Mitre link : CVE-2025-57789

CVE.ORG link : CVE-2025-57789

JSON object : View

Products Affected

commvault

commvault

CWE

CWE-257

Storing Passwords in a Recoverable Format

{"id": "CVE-2025-57789", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 2.8}], "cvssMetricV40": [{"type": "Secondary", "source": "cve@mitre.org", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-08-20T04:16:03.847", "references": [{"url": "https://documentation.commvault.com/securityadvisories/CV_2025_08_4.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "cve@mitre.org", "description": [{"lang": "en", "value": "CWE-257"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Commvault before 11.36.60. During the brief window between installation and the first administrator login, remote attackers may exploit the default credential to gain admin control. This is limited to the setup phase, before any jobs have been configured."}, {"lang": "es", "value": "Se detect\u00f3 un problema en Commvault antes de la versi\u00f3n 11.36.60. Durante el breve periodo entre la instalaci\u00f3n y el primer inicio de sesi\u00f3n del administrador, atacantes remotos podr\u00edan explotar las credenciales predeterminadas para obtener el control administrativo. Esto se limita a la fase de configuraci\u00f3n, antes de configurar cualquier tarea."}], "lastModified": "2025-08-21T14:40:24.883", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:commvault:commvault:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7ABD6584-4B5A-49F4-B2FD-B53B4ECAF0C5", "versionEndExcluding": "11.36.60"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}