Commvault Confirms 0-Day Exploit Allowed Hackers Access to Its Azure Environment

April 30, 2025

Commvault Confirms 0-Day Exploit Allowed Hackers Access to Its Azure Environment

Commvault, a leading provider of data protection solutions, has confirmed that a nation-state threat actor breached its Azure environment in February by exploiting a zero-day vulnerability.
The compan …

Published Date:
Apr 30, 2025 (3 hours, 18 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-3928

Source: Read More

Previous ArticleSonicWall: SMA100 VPN vulnerabilities now exploited in attacks

Next Article Commvault says recent breach didn’t impact customer backup data

Highlights

CVE-2025-4325 – MRCMS Cross-Site Scripting Vulnerability

May 6, 2025

CVE ID : CVE-2025-4325

Published : May 6, 2025, 6:15 a.m. | 1 hour, 32 minutes ago

Description : A vulnerability has been found in MRCMS 3.1.2 and classified as problematic. This vulnerability affects unknown code of the file /admin/category/add.do of the component Category Management Page. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How To Prevent WordPress SQL Injection Attacks

This week in AI dev tools: Apple’s Foundations Model framework, Mistral’s first reasoning model, and more (June 13, 2025)

Open Talent platforms emerging to match skilled workers to needs, study finds

Java never goes out of style: Celebrating 30 years of the language

It’s the year of Linux… at least for Denmark — here’s why the country’s government is dumping Windows and Office 365

Grounded 2’s best feature is happening because Obsidian left the Xbox One behind

6 registry tweaks every tech-savvy user must apply on Windows 11

Here’s why network infrastructure is vital to maximizing your company’s AI adoption

Right Invoicing App for iPhone: InvoiceTemple

Right Invoicing App for iPhone: InvoiceTemple

Tunnel Run game in 170 lines of pure JS

Integrating Drupal with Salesforce SSO via SAML and Dynamic User Sync

It’s the year of Linux… at least for Denmark — here’s why the country’s government is dumping Windows and Office 365

It’s the year of Linux… at least for Denmark — here’s why the country’s government is dumping Windows and Office 365

Grounded 2’s best feature is happening because Obsidian left the Xbox One behind

Microsoft wraps up the week with new Windows 11 preview builds, one each for Dev & Beta

Commvault Confirms 0-Day Exploit Allowed Hackers Access to Its Azure Environment

Commvault Confirms 0-Day Exploit Allowed Hackers Access to Its Azure Environment

HPE Issues Security Patch for StoreOnce Bug Allowing Remote Authentication Bypass

Chaos RAT Malware Targets Windows and Linux via Fake Network Tool Downloads

More From Our Main Blog: The Good, the Bad and the Ugly in Cybersecurity – Week 24

CVE-2025-32983 – NETSCOUT nGeniusONE Information Disclosure Vulnerability

A spring iPhone launch? Apple might shake up its iPhone release schedule – here’s why

Raspberry Pi 5 Desktop Mini PC: Avoid snap pollution

CVE-2025-4325 – MRCMS Cross-Site Scripting Vulnerability

How to Thrive as a Global Business Professional in 2025

CVE-2025-48994 – SignXML Algorithm Confusion Vulnerability

Windows 8 tiles were ahead of their time — The Xbox handheld could be the perfect place for a similar interface

Commvault Confirms 0-Day Exploit Allowed Hackers Access to Its Azure Environment

Commvault Confirms 0-Day Exploit Allowed Hackers Access to Its Azure Environment

Related Posts