Versions Affected : All verisons prior to FreeNAS 11.3-U4.1
Malicious SQL statements could crash, hijack processes, or cause data corruption.
Multiple vulnerabilities have been published including improper input validation (CVE-2020-11655), use after free (CVE-2020-11656, CVE-2020-13630), integer overflow (CVE-2020-13434), null pointer dereference (CVE-2020-13435, CVE-2020-13632), and namespace collision (CVE-2020-13631).
No workaround is available.
- Upgrade to FreeNAS 11.3-U5 or later.