Starwindsoftware Nas
By the Year
In 2024 there have been 0 vulnerabilities in Starwindsoftware Nas . Nas did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 2 | 9.30 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Nas vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Starwindsoftware Nas Security Vulnerabilities
A flaw was found in the REST API in StarWind Stack
CVE-2022-24552
9.8 - Critical
- February 06, 2022
A flaw was found in the REST API in StarWind Stack. REST command, which manipulates a virtual disk, doesnt check input parameters. Some of them go directly to bash as part of a script. An attacker with non-root user access can inject arbitrary data into the command that will be executed with root privileges. This affects StarWind SAN and NAS v0.2 build 1633.
Shell injection
A flaw was found in StarWind Stack
CVE-2022-24551
8.8 - High
- February 06, 2022
A flaw was found in StarWind Stack. The endpoint for setting a new password doesnt check the current username and old password. An attacker could reset any local user password (including system/administrator user) using any available user This affects StarWind SAN and NAS v0.2 build 1633.
authentification
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Starwindsoftware San or by Starwindsoftware? Click the Watch button to subscribe.
