Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-5978

Published: 08/11/2023 Updated: 14/12/2023
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Freebsd

Vulnerability Summary

In versions of FreeBSD 13-RELEASE prior to 13-RELEASE-p5, under certain circumstances the cap_net libcasper(3) service incorrectly validates that updated constraints are strictly subsets of the active constraints.  When only a list of resolvable domain names was specified without setting any other limitations, an application could submit a new list of domains including include entries not previously listed.  This could permit the application to resolve domain names that were previously restricted.

Vulnerable Product Search on Vulmon Subscribe to Product

freebsd freebsd 13.2

freebsd freebsd

References

NVD-CWE-noinfohttps://security.freebsd.org/advisories/FreeBSD-SA-23:16.cap_net.aschttps://security.netapp.com/advisory/ntap-20231214-0003/https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30051remoteCVE-2024-27954CVE-2023-51483CVE-2023-47782SSRFCVE-2024-24715CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook