Platform
other
Component
commvault-commcell
Fixed in
11.22.23
CVE-2021-34993 describes a critical authentication bypass vulnerability in Commvault CommCell versions up to and including 11.22.22. The flaw lets a remote attacker bypass authentication controls and potentially gain unauthorized access to the system. It resides in the CVSearchService and stems from insufficient validation of requests before authentication is performed. Commvault addressed the issue in release 11.22.23.
The impact of CVE-2021-34993 is severe because of the ease of exploitation and the potential for widespread compromise. An attacker can use this vulnerability to gain unauthorized access to CommCell environments without valid credentials. This could lead to data breaches, data manipulation, system disruption, and lateral movement within the network. Successful exploitation could expose sensitive data stored and managed by CommCell, including backups and recovery information, which are exactly the assets an attacker would want to tamper with before or during a ransomware event. Because no authentication is required, the barrier to entry for malicious actors is low.
CVE-2021-34993 was disclosed publicly on January 13, 2022. It is considered a high-priority vulnerability due to its critical severity and ease of exploitation. While no active exploitation campaigns have been publicly confirmed, the lack of authentication requirements makes it an attractive target for attackers. The vulnerability was initially reported to Commvault as ZDI-CAN-13706. It has not been added to the CISA KEV catalog as of this writing.
Exploit Status
EPSS
0.46% (64th percentile)
CVSS Vector
The primary mitigation for CVE-2021-34993 is to upgrade Commvault CommCell to 11.22.23 or later, the release in which Commvault fixed the flaw; confirm the exact fixed build for your feature release line in the Commvault advisory. If immediate patching is not possible because of compatibility concerns or testing requirements, use network segmentation to restrict access to the CommCell server so that only administrators and the CommCell components that need it can reach its web services. Review and strengthen existing access controls and monitoring so that unexpected requests to the CVSearchService are logged and alerted on. A WAF in front of the web services cannot correct the missing validation itself, but it can log and block requests to the CVSearchService from sources that should never talk to it. After upgrading, confirm the installed version and verify the fix by attempting to reach the CVSearchService without valid credentials; the request should be rejected.
Update Commvault CommCell to 11.22.23 or later to correct the authentication bypass vulnerability in the CVSearchService. Refer to the vendor website for specific update instructions.
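The first step of the mitigation above is knowing which CommCell servers are still on an affected build. The following inventory check is an added example, not Commvault's or the advisory's own tooling. It takes the page's stated range at face value: releases up to and including 11.22.22 are affected and 11.22.23 is the first fixed release. The host names and version strings are constructed sample data; the tolerance for "v11.22" and "11.22.22.0" style strings is an assumption about how version fields tend to arrive from inventory exports. For feature release lines earlier than 22 the page does not state a fixed maintenance release, so the check flags them for confirmation against the advisory rather than guessing.

```python
"""Inventory check for CVE-2021-34993 (Commvault CommCell CVSearchService
authentication bypass).

Added example, not Commvault's or the advisory's own tooling. Assumes the
page's stated range: builds up to and including 11.22.22 are affected and
11.22.23 is the first fixed release.
"""
from __future__ import annotations

import re
from typing import NamedTuple, Optional

FIXED_VERSION = (11, 22, 23)   # page header: "Fixed in 11.22.23"
LAST_AFFECTED = (11, 22, 22)   # page text: "versions up to 11.22.22"

# Commvault builds read major.featurerelease.maintenancerelease, e.g. 11.22.22.
# Assumption: inventory exports may also give "v11.22", "11.22.22.0" etc.
_VERSION_RE = re.compile(r"^\s*v?(\d+)\.(\d+)(?:\.(\d+))?(?:\.\d+)?\s*$", re.IGNORECASE)


def parse_version(text: str) -> Optional[tuple[int, int, int]]:
    """Return (major, feature_release, maintenance_release) or None if unparsable."""
    m = _VERSION_RE.match(text)
    if not m:
        return None
    major, fr, mr = m.group(1), m.group(2), m.group(3) or "0"
    return (int(major), int(fr), int(mr))


class Finding(NamedTuple):
    host: str
    version: str
    status: str   # "affected", "patched" or "unknown"
    action: str


def assess(host: str, version_text: str) -> Finding:
    """Classify one host against the affected range for CVE-2021-34993."""
    parsed = parse_version(version_text)
    fixed = ".".join(map(str, FIXED_VERSION))
    if parsed is None:
        return Finding(host, version_text, "unknown",
                       "Could not parse version; confirm the build manually")
    if parsed > LAST_AFFECTED:
        return Finding(host, version_text, "patched",
                       "No action for CVE-2021-34993")
    if parsed[1] < FIXED_VERSION[1]:
        # Earlier feature release line: the page gives no fixed MR for it,
        # so do not guess one; send the reader to the vendor advisory.
        return Finding(host, version_text, "affected",
                       f"Upgrade to {fixed} or later, or to the fixed build for "
                       f"feature release {parsed[1]} listed in the Commvault advisory")
    return Finding(host, version_text, "affected",
                   f"Upgrade to {fixed} or later")


# Constructed sample inventory, not real hosts.
SAMPLE_INVENTORY = [
    ("commserve-01.corp.example", "11.22.22"),
    ("commserve-02.corp.example", "11.22.23"),
    ("commserve-03.corp.example", "11.20.45"),
    ("commserve-04.corp.example", "11.24.5"),
    ("commserve-05.corp.example", "unknown build"),
]


def run_inventory(inventory=SAMPLE_INVENTORY) -> list[Finding]:
    return [assess(host, version) for host, version in inventory]


def affected_hosts(inventory=SAMPLE_INVENTORY) -> list[str]:
    return [f.host for f in run_inventory(inventory) if f.status == "affected"]


if __name__ == "__main__":
    for f in run_inventory():
        print(f"{f.host:28} {f.version:14} {f.status:9} {f.action}")
```

Feed `run_inventory` the host/version pairs from your own CommCell inventory export; anything classified "unknown" needs a manual look at the console rather than being silently dropped from the patch list.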
CVE-2021-34993 is a critical vulnerability allowing attackers to bypass authentication in Commvault CommCell versions up to 11.22.22, potentially granting unauthorized access.
If you are running Commvault CommCell version 11.22.22 or earlier, you are potentially affected by this vulnerability. Upgrade to a patched version as soon as possible.
The recommended fix is to upgrade Commvault CommCell to a version containing the security patch released by Commvault. Refer to the official Commvault advisory for details.
While no active exploitation campaigns have been publicly confirmed, the ease of exploitation makes it a potential target. Continuous monitoring is recommended.
Refer to the Commvault security advisory for CVE-2021-34993 on the Commvault website: [https://www.commvault.com/support/security/advisories/sb23001-cve-2021-34993](https://www.commvault.com/support/security/advisories/sb23001-cve-2021-34993)