Commvault · Commvault Edge · CVE-2017-3195
**Name of the Vulnerable Software and Affected Versions**
Commvault Edge versions prior to 11 SP7
Commvault Edge version 11 SP6 with hotfix prior to 590
**Description**
The issue is caused by a stack-based buffer overflow in the Communications Service of the Commvault Edge data backup software. This could allow a remote attacker to execute arbitrary code with root/SYSTEM privileges using TCP port 8400.
**Recommendations**
For Commvault Edge versions prior to 11 SP7, update to version 11 SP7 or later.
For Commvault Edge version 11 SP6, apply hotfix 590 or later.