Medium severityNVD Advisory· Published Jul 25, 2025· Updated Jun 17, 2026
CVE-2025-34136
CVE-2025-34136
Description
An SQL injection vulnerability exists in Commvault 11.32.0 - 11.32.93, 11.36.0 - 11.36.51, and 11.38.0 - 11.38.19 Web Server component that allows a remote, unauthenticated attacker to perform SQL Injection. The vulnerability impacts systems where the CommServe and Web Server roles are installed. Other Commvault components deployed in the same environment are not affected.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: 11.32.0 - 11.32.93, 11.36.0 - 11.36.51, and 11.38.0 - 11.38.19
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.