Every CVE whose affected-product data names Starwindsoftware Nas, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-24552 — CVSS 9.8 (critical): A flaw was found in the REST API in StarWind Stack. REST command, which manipulates a virtual disk, doesn’t check input parameters. Some…
CVE-2022-24551 — CVSS 8.8 (high): A flaw was found in StarWind Stack. The endpoint for setting a new password doesn’t check the current username and old password. An…