Unrated severityNVD Advisory· Published Feb 6, 2022· Updated Aug 3, 2024
CVE-2022-24551
CVE-2022-24551
Description
A flaw was found in StarWind Stack. The endpoint for setting a new password doesn’t check the current username and old password. An attacker could reset any local user password (including system/administrator user) using any available user This affects StarWind SAN and NAS v0.2 build 1633.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- StarWind/Stackdescription
- Range: = v0.2 build 1633
Patches
Vulnerability mechanics
References
1- www.starwindsoftware.com/security/sw-20220204-0001/mitrex_refsource_MISCx_refsource_CONFIRM
News mentions
0No linked articles in our index yet.