CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
83.3%
nbd-server in Network Block Device (nbd) before 3.5 does not properly check IP addresses, which might allow remote attackers to bypass intended access restrictions via an IP address that has a partial match in the authfile configuration file.
Vendor | Product | Version | CPE |
---|---|---|---|
wouter_verhelst | nbd | * | cpe:2.3:a:wouter_verhelst:nbd:*:*:*:*:*:*:*:* |
wouter_verhelst | nbd | 2.7.5 | cpe:2.3:a:wouter_verhelst:nbd:2.7.5:*:*:*:*:*:*:* |
wouter_verhelst | nbd | 2.8.0 | cpe:2.3:a:wouter_verhelst:nbd:2.8.0:*:*:*:*:*:*:* |
wouter_verhelst | nbd | 2.8.2 | cpe:2.3:a:wouter_verhelst:nbd:2.8.2:*:*:*:*:*:*:* |
wouter_verhelst | nbd | 2.8.4 | cpe:2.3:a:wouter_verhelst:nbd:2.8.4:*:*:*:*:*:*:* |
wouter_verhelst | nbd | 2.8.5 | cpe:2.3:a:wouter_verhelst:nbd:2.8.5:*:*:*:*:*:*:* |
wouter_verhelst | nbd | 2.8.6 | cpe:2.3:a:wouter_verhelst:nbd:2.8.6:*:*:*:*:*:*:* |
wouter_verhelst | nbd | 2.8.7 | cpe:2.3:a:wouter_verhelst:nbd:2.8.7:*:*:*:*:*:*:* |
wouter_verhelst | nbd | 2.9.0 | cpe:2.3:a:wouter_verhelst:nbd:2.9.0:*:*:*:*:*:*:* |
wouter_verhelst | nbd | 2.9.1 | cpe:2.3:a:wouter_verhelst:nbd:2.9.1:*:*:*:*:*:*:* |