Filtered by vendor Starwindsoftware
Subscribe
Search
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-24552 | 1 Starwindsoftware | 2 Nas, San | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| A flaw was found in the REST API in StarWind Stack. REST command, which manipulates a virtual disk, doesn’t check input parameters. Some of them go directly to bash as part of a script. An attacker with non-root user access can inject arbitrary data into the command that will be executed with root privileges. This affects StarWind SAN and NAS v0.2 build 1633. | |||||
| CVE-2013-20004 | 1 Starwindsoftware | 1 Iscsi San | 2022-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| StarWind iSCSI SAN before 6.0 build 2013-03-20 allows a memory leak. | |||||