CVE-2020-25780

HIGH NUCLEI

Commvault Commcell < 14.68 - Path Traversal

Title source: rule

Description

In CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x before 18.13, Directory Traversal can occur such that an attempt to view a log file can instead view a file outside of the log-files folder.

Nuclei Templates (1)

Commvault CommCell - Local File Inclusion

HIGHby pdteam

References (1)

[Vendor Advisory] http://kb.commvault.com/article/63264

Scores

CVSS v3 7.5

EPSS 0.6336

EPSS Percentile 98.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-22

Status published

Products (1)

commvault/commcell < 14.68

Published Oct 29, 2020

Tracked Since Feb 18, 2026