Vulnerabilities > CVE-2021-29424 - Incorrect Authorization vulnerability in multiple products

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
net
fedoraproject
CWE-863

Summary

The Net::Netmask module before 2.0000 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.

Vulnerable Configurations

Part Description Count
Application
Net\
1
OS
Fedoraproject
3

Common Weakness Enumeration (CWE)