Skip to main content

Hello 

We are on Commvault 11.28.122 and our security team notified me that we have a few vulnerabilities on our linux redhat clients.  Its a medium vulnerability but this client requires us to address medium vulnerabilities.

plugin Output: 
  Path              : /opt/commvault/Base64/libcurl.so
  Installed version : 8.4.0
  Fixed version     : 8.9.1

My questions - 

Would this possibly be addressed in a “maintenance release” ?  or

Would we need to upgrade from 11.28.x to say like 11.32.x or 11.36.x to correct this?  I mean how and were can see what versions of libcurl is included in a maintenace fix or version?   Or do I need to just spin open a ticket with Support..

https://www.tenable.com/plugins/nessus/205024

 

Thanks for looking at my post and appreciate any feed back!

Thanks

BC

 

Hi,
This is being worked now for 11.28 as well. There is no target Maintenance Release set yet, but for can use form ID 6283 to check the progress with your account representative.

Thanks @Jacek Piechucki  for the information.  Much appreciated!

 

BC

@bc1410 Have you seen this:
https://documentation.commvault.com/securityadvisories/CV_2024_08_2.html  

Thank you @Ralph 

 

 

Commvault products do not use any of these modules and are not affected by this vulnerability.

 

Impacted Products

This vulnerability does not affect Commvault products.

Resolution

 

Commvault uses openSSL which is not affected by this vulnerability.

Reply


Terms & ConditionsCookie settings