Storage Performance Development Kit
CVE-2019-14940
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
In Storage Performance Development Kit (SPDK) before 19.07, a user of a vhost can cause a crash if the target is sent invalid input.
AnalysisAI
In Storage Performance Development Kit (SPDK) before 19.07, a user of a vhost can cause a crash if the target is sent invalid input. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
In Storage Performance Development Kit (SPDK) before 19.07, a user of a vhost can cause a crash if the target is sent invalid input. Affected products include: Spdk Storage Performance Development Kit. Version information: before 19.07.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
An issue was discovered in Storage Performance Development Kit (SPDK) before 20.01.01. Rated high severity (CVSS 7.5), t
In Storage Performance Development Kit (SPDK) before 19.01, a malicious vhost client (i.e., virtual machine) could caref
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today