Answer

Apache Vulnerability CVE-2022-24112 - Is this affecting Commvault ?

Forum|Forum|3 years ago
March 29, 2022
6 replies
298 views

H

Harwie
Vaulter

May I know if Apache Vulnerability CVE-2022-24112 is affecting Commvault

CVE-2022-24112/CVE-2022-24112.yaml at main · Mr-xn/CVE-2022-24112 · GitHub

Best answer by Sean Crifasi

We use Apache Tomcat to provide Web Console functionality.

Reviewing the CVE posted this is explicitly related to a separate product “Apache APISIX” I have not found any indication, documentation, or prior case with apisix deployed with Commvault. If you do have this present on your server, kindly confirm the path in which this is found.

If you have a question or comment, please create a topic

+22

Mike Struening
Vaulter
Forum|Forum|3 years ago
March 29, 2022

@Harwie , let me look into this for you.

https://www.linkedin.com/in/michael-struening

Like

H

Harwie
Author
Vaulter
Forum|Forum|3 years ago
April 7, 2022

@Mike Struening , May I have an update on this?

Thanks

Harwie

Like

+22

Mike Struening
Vaulter
Forum|Forum|3 years ago
April 7, 2022

Still digging, though I see you have a case for this. Keep me posted and I’ll do the same.

https://www.linkedin.com/in/michael-struening

Like

H

Harwie
Author
Vaulter
Forum|Forum|3 years ago
April 13, 2022

Hi Mike,

Any update on this Apache vulnerability?

Like

+9

Sean Crifasi
Vaulter
Answer
Forum|Forum|3 years ago
April 13, 2022

We use Apache Tomcat to provide Web Console functionality.

Reviewing the CVE posted this is explicitly related to a separate product “Apache APISIX” I have not found any indication, documentation, or prior case with apisix deployed with Commvault. If you do have this present on your server, kindly confirm the path in which this is found.