CVE-2007-20001
HIGHStarWind iSCSI SAN < 3.5 - Denial of Service via Socket Exhaustion
Title source: llmDescription
A flaw was found in StarWind iSCSI target. An attacker could script standard iSCSI Initiator operation(s) to exhaust the StarWind service socket, which could lead to denial of service. This affects iSCSI SAN (Windows Native) Version 3.2.2 build 2007-02-20.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.starwindsoftware.com/security/sw-20070601-0001/
Scores
CVSS v3
7.5
EPSS
0.0109
EPSS Percentile
61.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-400
Status
published
Products (1)
starwindsoftware/iscsi_san
< 3.5
Published
Feb 06, 2022
Tracked Since
Feb 18, 2026