PT-2022-7718 · Starwind · Starwind Iscsi San
Published
2022-02-06
·
Updated
2022-09-01
·
CVE-2007-20001
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
StarWind iSCSI SAN version 3.2.2 build 2007-02-20
StarWind iSCSI SAN versions prior to 3.5 build 2007-08-09
Description
A flaw was found in the StarWind iSCSI target, allowing an attacker to script standard iSCSI Initiator operations to exhaust the StarWind service socket, leading to denial of service.
Recommendations
For StarWind iSCSI SAN version 3.2.2 build 2007-02-20, update to version 3.5 build 2007-08-09 or later to resolve the issue.
For StarWind iSCSI SAN versions prior to 3.5 build 2007-08-09, update to version 3.5 build 2007-08-09 or later to resolve the issue.
Fix
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Starwind Iscsi San