Bypassing iSCSI Authentication in Network Appliance Data ONTAP 7.0 and Earlier

Bypassing iSCSI Authentication in Network Appliance Data ONTAP 7.0 and Earlier

CVE-2005-3327 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Network Appliance Data ONTAP 7.0 and earlier allows iSCSI Initiators to bypass iSCSI authentication via a modified client that skips the Security (Start) mode, as required by the Login Negotiation protocol, and uses Operational mode without proving identity.

Learn more about our Web Application Penetration Testing UK.