CVE-2007-20001: High severity Starwindsoftware Iscsi San Windows vulnerability

Q: What is the vulnerability ID of this flaw?

The vulnerability ID of this flaw is CVE-2007-20001.

Q: What is the severity of CVE-2007-20001?

The severity of CVE-2007-20001 is high with a CVSS score of 7.5.

Q: What software is affected by CVE-2007-20001?

The StarWind iSCSI SAN (Windows Native) Version 3.2.2 build 2007-02-20 is affected by CVE-2007-20001.

Q: How can an attacker exploit CVE-2007-20001?

An attacker can script standard iSCSI Initiator operation(s) to exhaust the StarWind service socket, leading to denial of service.

Q: Is there a fix available for CVE-2007-20001?

It is recommended to update to a version beyond 3.5 to mitigate the CVE-2007-20001 vulnerability.

Published Feb 6, 2022

Updated

A flaw was found in StarWind iSCSI target. An attacker could script standard iSCSI Initiator operation(s) to exhaust the StarWind service socket, which could lead to denial of service. This affects iSCSI SAN (Windows Native) Version 3.2.2 build 2007-02-20.

Affected Software

1 affected component

Starwindsoftware Iscsi San Windows<3.5

Event History

Feb 6, 2022

CVE Published

09:15 PM

Feb 7, 2022

CVE Published

via MITRE·01:19 AM

Data Sourced

via MITRE·01:19 AM

Description

Frequently Asked Questions

What is the vulnerability ID of this flaw?

The vulnerability ID of this flaw is CVE-2007-20001.

What is the severity of CVE-2007-20001?

The severity of CVE-2007-20001 is high with a CVSS score of 7.5.

What software is affected by CVE-2007-20001?

The StarWind iSCSI SAN (Windows Native) Version 3.2.2 build 2007-02-20 is affected by CVE-2007-20001.

How can an attacker exploit CVE-2007-20001?

An attacker can script standard iSCSI Initiator operation(s) to exhaust the StarWind service socket, leading to denial of service.

Is there a fix available for CVE-2007-20001?