CVE-2020-11650
08.04.2020, 23:15
An issue was discovered in iXsystems FreeNAS (and TrueNAS) 11.2 before 11.2-u8 and 11.3 before 11.3-U1. It allows a denial of service. The login authentication component has no limits on the length of an authentication message or the rate at which such messages are sent.Enginsight
| Vendor | Product | Version |
|---|---|---|
| ixsystems | freenas_firmware | 11.2 |
| ixsystems | freenas_firmware | 11.2:u1 |
| ixsystems | freenas_firmware | 11.2:u2 |
| ixsystems | freenas_firmware | 11.2:u2.1 |
| ixsystems | freenas_firmware | 11.2:u3 |
| ixsystems | freenas_firmware | 11.2:u4 |
| ixsystems | freenas_firmware | 11.2:u4.1 |
| ixsystems | freenas_firmware | 11.2:u5 |
| ixsystems | freenas_firmware | 11.2:u5.1 |
| ixsystems | freenas_firmware | 11.2:u6 |
| ixsystems | freenas_firmware | 11.2:u6.1 |
| ixsystems | freenas_firmware | 11.2:u7 |
| ixsystems | freenas_firmware | 11.3 |
| ixsystems | freenas_firmware | 11.3:alpha1 |
| ixsystems | freenas_firmware | 11.3:alpha2 |
| ixsystems | freenas_firmware | 11.3:beta1 |
| ixsystems | freenas_firmware | 11.3:rc1 |
| ixsystems | freenas_firmware | 11.3:rc2 |
| ixsystems | truenas_firmware | 11.2 |
| ixsystems | truenas_firmware | 11.2:u1 |
| ixsystems | truenas_firmware | 11.2:u2 |
| ixsystems | truenas_firmware | 11.2:u2.1 |
| ixsystems | truenas_firmware | 11.2:u3 |
| ixsystems | truenas_firmware | 11.2:u4 |
| ixsystems | truenas_firmware | 11.2:u4.1 |
| ixsystems | truenas_firmware | 11.2:u5 |
| ixsystems | truenas_firmware | 11.2:u5.1 |
| ixsystems | truenas_firmware | 11.2:u6 |
| ixsystems | truenas_firmware | 11.2:u6.1 |
| ixsystems | truenas_firmware | 11.2:u7 |
| ixsystems | truenas_firmware | 11.3 |
| ixsystems | truenas_firmware | 11.3:alpha1 |
| ixsystems | truenas_firmware | 11.3:alpha2 |
| ixsystems | truenas_firmware | 11.3:beta1 |
| ixsystems | truenas_firmware | 11.3:rc1 |
| ixsystems | truenas_firmware | 11.3:rc2 |
𝑥
= Vulnerable software versions