{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2021-47156", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-03-27T19:33:18.337Z", "dateReserved": "2024-03-18T00:00:00.000Z", "datePublished": "2024-03-18T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-03-18T04:42:18.151Z"}, "descriptions": [{"lang": "en", "value": "The Net::IPAddress::Util module before 5.000 for Perl does not properly consider extraneous zero characters in an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/"}, {"url": "https://metacpan.org/release/PWBENNETT/Net-IPAddress-Util-5.000/changes"}, {"url": "https://metacpan.org/release/Net-IPAddress-Util"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-1287", "lang": "en", "description": "CWE-1287 Improper Validation of Specified Type of Input"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-03-18T15:35:36.287667Z", "id": "CVE-2021-47156", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-27T19:33:18.337Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:24:39.900Z"}, "title": "CVE Program Container", "references": [{"url": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/", "tags": ["x_transferred"]}, {"url": "https://metacpan.org/release/PWBENNETT/Net-IPAddress-Util-5.000/changes", "tags": ["x_transferred"]}, {"url": "https://metacpan.org/release/Net-IPAddress-Util", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/", "tags": ["x_transferred"]}, {"url": "https://metacpan.org/release/PWBENNETT/Net-IPAddress-Util-5.000/changes", "tags": ["x_transferred"]}, {"url": "https://metacpan.org/release/Net-IPAddress-Util", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:24:39.900Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2021-47156", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-18T15:35:36.287667Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1287", "description": "CWE-1287 Improper Validation of Specified Type of Input"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:18.367Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/"}, {"url": "https://metacpan.org/release/PWBENNETT/Net-IPAddress-Util-5.000/changes"}, {"url": "https://metacpan.org/release/Net-IPAddress-Util"}], "descriptions": [{"lang": "en", "value": "The Net::IPAddress::Util module before 5.000 for Perl does not properly consider extraneous zero characters in an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-03-18T04:42:18.151Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47156", "state": "PUBLISHED", "dateUpdated": "2025-03-27T19:33:18.337Z", "dateReserved": "2024-03-18T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2024-03-18T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Net::IPAddress::Util module before 5.000 for Perl does not properly consider extraneous zero characters in an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses."}, {"lang": "es", "value": "El m\u00f3dulo Net::IPAddress::Util anterior a 5.000 para Perl no considera adecuadamente los caracteres cero extra\u00f1os en una cadena de direcci\u00f3n IP, lo que (en algunas situaciones) permite a los atacantes eludir el control de acceso basado en direcciones IP."}], "id": "CVE-2021-47156", "lastModified": "2025-03-27T20:15:16.147", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-03-18T05:15:06.260", "references": [{"source": "cve@mitre.org", "url": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/"}, {"source": "cve@mitre.org", "url": "https://metacpan.org/release/Net-IPAddress-Util"}, {"source": "cve@mitre.org", "url": "https://metacpan.org/release/PWBENNETT/Net-IPAddress-Util-5.000/changes"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://metacpan.org/release/Net-IPAddress-Util"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://metacpan.org/release/PWBENNETT/Net-IPAddress-Util-5.000/changes"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Undergoing Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1287"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}