Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-11650

Опубликовано: 08 апр. 2020
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Средний

Описание

An issue was discovered in iXsystems FreeNAS (and TrueNAS) 11.2 before 11.2-u8 and 11.3 before 11.3-U1. It allows a denial of service. The login authentication component has no limits on the length of an authentication message or the rate at which such messages are sent.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:ixsystems:freenas_firmware:11.2:-:*:*:*:*:*:*
cpe:2.3:o:ixsystems:freenas_firmware:11.2:u1:*:*:*:*:*:*
cpe:2.3:o:ixsystems:freenas_firmware:11.2:u2:*:*:*:*:*:*
cpe:2.3:o:ixsystems:freenas_firmware:11.2:u2.1:*:*:*:*:*:*
cpe:2.3:o:ixsystems:freenas_firmware:11.2:u3:*:*:*:*:*:*
cpe:2.3:o:ixsystems:freenas_firmware:11.2:u4:*:*:*:*:*:*
cpe:2.3:o:ixsystems:freenas_firmware:11.2:u4.1:*:*:*:*:*:*
cpe:2.3:o:ixsystems:freenas_firmware:11.2:u5:*:*:*:*:*:*
cpe:2.3:o:ixsystems:freenas_firmware:11.2:u5.1:*:*:*:*:*:*
cpe:2.3:o:ixsystems:freenas_firmware:11.2:u6:*:*:*:*:*:*
cpe:2.3:o:ixsystems:freenas_firmware:11.2:u6.1:*:*:*:*:*:*
cpe:2.3:o:ixsystems:freenas_firmware:11.2:u7:*:*:*:*:*:*
cpe:2.3:o:ixsystems:freenas_firmware:11.3:-:*:*:*:*:*:*
cpe:2.3:o:ixsystems:freenas_firmware:11.3:alpha1:*:*:*:*:*:*
cpe:2.3:o:ixsystems:freenas_firmware:11.3:alpha2:*:*:*:*:*:*
cpe:2.3:o:ixsystems:freenas_firmware:11.3:beta1:*:*:*:*:*:*
cpe:2.3:o:ixsystems:freenas_firmware:11.3:rc1:*:*:*:*:*:*
cpe:2.3:o:ixsystems:freenas_firmware:11.3:rc2:*:*:*:*:*:*
cpe:2.3:h:ixsystems:freenas:-:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

Одно из

cpe:2.3:o:ixsystems:truenas_firmware:11.2:-:*:*:*:*:*:*
cpe:2.3:o:ixsystems:truenas_firmware:11.2:u1:*:*:*:*:*:*
cpe:2.3:o:ixsystems:truenas_firmware:11.2:u2:*:*:*:*:*:*
cpe:2.3:o:ixsystems:truenas_firmware:11.2:u2.1:*:*:*:*:*:*
cpe:2.3:o:ixsystems:truenas_firmware:11.2:u3:*:*:*:*:*:*
cpe:2.3:o:ixsystems:truenas_firmware:11.2:u4:*:*:*:*:*:*
cpe:2.3:o:ixsystems:truenas_firmware:11.2:u4.1:*:*:*:*:*:*
cpe:2.3:o:ixsystems:truenas_firmware:11.2:u5:*:*:*:*:*:*
cpe:2.3:o:ixsystems:truenas_firmware:11.2:u5.1:*:*:*:*:*:*
cpe:2.3:o:ixsystems:truenas_firmware:11.2:u6:*:*:*:*:*:*
cpe:2.3:o:ixsystems:truenas_firmware:11.2:u6.1:*:*:*:*:*:*
cpe:2.3:o:ixsystems:truenas_firmware:11.2:u7:*:*:*:*:*:*
cpe:2.3:o:ixsystems:truenas_firmware:11.3:-:*:*:*:*:*:*
cpe:2.3:o:ixsystems:truenas_firmware:11.3:alpha1:*:*:*:*:*:*
cpe:2.3:o:ixsystems:truenas_firmware:11.3:alpha2:*:*:*:*:*:*
cpe:2.3:o:ixsystems:truenas_firmware:11.3:beta1:*:*:*:*:*:*
cpe:2.3:o:ixsystems:truenas_firmware:11.3:rc1:*:*:*:*:*:*
cpe:2.3:o:ixsystems:truenas_firmware:11.3:rc2:*:*:*:*:*:*
cpe:2.3:h:ixsystems:truenas:-:*:*:*:*:*:*:*

EPSS

Процентиль: 94%
0.11916
Средний

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-307

Связанные уязвимости

github логотип

GHSA-jr46-4q88-9hjx

github
больше 3 лет назад

An issue was discovered in iXsystems FreeNAS 11.2 and 11.3 before 11.3-U1. It allows a denial of service.

EPSS

Процентиль: 94%
0.11916
Средний

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-307