CVE-2013-20004: Critical severity Starwindsoftware Iscsi San Windows vulnerability
A flaw was found in StarWind iSCSI target. StarWind service does not limit client connections and allocates memory on each connection attempt. An attacker could create a denial of service state by trying to connect a non-existent target multiple times. This affects iSCSI SAN (Windows Native) Version 6.0, build 2013-01-16.
Affected Software
Event History
Frequently Asked Questions
What is CVE-2013-20004?
CVE-2013-20004 is a vulnerability in StarWind iSCSI target that allows an attacker to create a denial of service state by attempting to connect to a non-existent target multiple times.
What is the severity of CVE-2013-20004?
CVE-2013-20004 has a severity rating of 9.8, which is considered critical.
How does CVE-2013-20004 affect StarWind iSCSI target?
CVE-2013-20004 affects StarWind iSCSI target by allowing unlimited client connections and allocating memory on each connection attempt, which can result in a denial of service state.
How can I fix CVE-2013-20004?
To fix CVE-2013-20004, it is recommended to update to a version of iSCSI SAN (Windows Native) after 6.0, as the vulnerability is present in versions up to exclusive 6.0.
Where can I find more information about CVE-2013-20004?
You can find more information about CVE-2013-20004 at this link: [StarWind Software Security Advisory](https://www.starwindsoftware.com/security/sw-20130215-0001/)