iSCSI-accessible Storage Devices Multiple Vulnerabilities

Last Update Date: 4 Apr 2019 Release Date: 3 Apr 2019 5172 Views

RISK: Medium Risk

Medium Risk

TYPE: Servers - Network Management

TYPE: Network Management

Multiple vulnerabilities have been identified in iSCSI-accessible storage devices, a remote attacker can exploit these vulnerabilities to trigger remote code execution, sensitive information disclosure and tampering on the targeted system.

Impact

  • Remote Code Execution
  • Information Disclosure
  • Data Manipulation

System / Technologies affected

 iSCSI storage devices without password protection setting

Solutions

To protect your iSCSI-accessible storage device from being compromised by attackers:

  • Please check if your storage can be exposed to the Internet.
  • Please check and confirm if the storage is password protected.
  • Please keep the log of these storage for potential criminal investigation.
  • Please consider additional protection measures, e.g. protect it by firewall, and restrict the access to certain IP addresses only

 

 

Vulnerability Identifier

  • No CVE information is available

Source

Related Link

Share with

Previous

IBM DB2 Multiple Vulnerabilities

4 Apr 2019 5172 Views

Next

Apache HTTPD Multiple Vulnerabilities

3 Apr 2019 5194 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY