// For flags

CVE-2013-20001

 

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

An issue was discovered in OpenZFS through 2.0.3. When an NFS share is exported to IPv6 addresses via the sharenfs feature, there is a silent failure to parse the IPv6 address data, and access is allowed to everyone. IPv6 restrictions from the configuration are not applied.

Se detectó un problema en OpenZFS versiones hasta 2.0.3. Cuando un recurso compartido NFS es exportado a direcciones IPv6 por medio de la funcionalidad sharenfs, es producido un fallo silencioso al analizar los datos de la dirección IPv6 y es permitido un acceso a todos. Las restricciones de IPv6 de la configuración no son aplicados

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-02-12 CVE Reserved
  • 2021-02-12 CVE Published
  • 2024-03-19 EPSS Updated
  • 2024-08-06 CVE Updated
  • 2024-08-06 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Openzfs
Search vendor "Openzfs"
Openzfs
Search vendor "Openzfs" for product "Openzfs"
<= 2.0.3
Search vendor "Openzfs" for product "Openzfs" and version " <= 2.0.3"
-
Affected