← Volver a CVEs
CVE-2020-11650
HIGH7.5
Descripcion
An issue was discovered in iXsystems FreeNAS (and TrueNAS) 11.2 before 11.2-u8 and 11.3 before 11.3-U1. It allows a denial of service. The login authentication component has no limits on the length of an authentication message or the rate at which such messages are sent.
Detalles CVE
Puntuacion CVSS v3.17.5
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado4/8/2020
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
ixsystems:freenasixsystems:freenas_firmwareixsystems:truenasixsystems:truenas_firmware
Debilidades (CWE)
CWE-307
Referencias
https://jira.ixsystems.com/browse/NAS-104748(cve@mitre.org)
https://jira.ixsystems.com/browse/NAS-104748(af854a3a-2127-422b-91ae-364da2661108)
https://security.ixsystems.com/cves/2020-04-08-cve-2020-11650/(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.