CVE-2021-33318

An Input Validation Vulnerability exists in Joel Christner .NET C# packages WatsonWebserver, IpMatcher 1.0.4.1 and below (IpMatcher) and 4.1.3 and below (WatsonWebserver) due to insufficient validation of input IP addresses and netmasks against the internal Matcher list of IP addresses and subnets.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ipmatcher_project:ipmatcher:*:*:*:*:*:*:*:*
cpe:2.3:a:watsonwebserver_project:watsonwebserver:*:*:*:*:*:*:*:*

History

08 Aug 2023, 14:22

Type Values Removed Values Added
CWE CWE-20 CWE-704

25 May 2022, 14:03

Type Values Removed Values Added
CPE cpe:2.3:a:watsonwebserver_project:watsonwebserver:*:*:*:*:*:*:*:*
cpe:2.3:a:ipmatcher_project:ipmatcher:*:*:*:*:*:*:*:*
CWE CWE-20
CVSS v2 : unknown
v3 : unknown
v2 : 7.5
v3 : 9.8
References (MISC) https://github.com/kaoudis/advisories/blob/main/0-2021.md - (MISC) https://github.com/kaoudis/advisories/blob/main/0-2021.md - Exploit, Third Party Advisory
References (MISC) https://github.com/jchristn/WatsonWebserver - (MISC) https://github.com/jchristn/WatsonWebserver - Third Party Advisory
References (MISC) https://github.com/jchristn/IpMatcher - (MISC) https://github.com/jchristn/IpMatcher - Third Party Advisory
References (MISC) https://github.com/jchristn/IpMatcher/commit/81d77c2f33aa912dbd032b34b9e184fc6e041d89 - (MISC) https://github.com/jchristn/IpMatcher/commit/81d77c2f33aa912dbd032b34b9e184fc6e041d89 - Patch, Third Party Advisory

16 May 2022, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-05-16 16:15

Updated : 2024-02-04 22:29


NVD link : CVE-2021-33318

Mitre link : CVE-2021-33318

CVE.ORG link : CVE-2021-33318


JSON object : View

Products Affected

ipmatcher_project

  • ipmatcher

watsonwebserver_project

  • watsonwebserver
CWE
CWE-704

Incorrect Type Conversion or Cast