Tag Archives: Binding to an Unrestricted IP Address

CWE-1327 – Binding to an Unrestricted IP Address

Read Time:25 Second

Description

The product assigns the address 0.0.0.0 for a database server, a cloud service/instance, or any computing resource that communicates remotely.

Modes of Introduction:

– System Configuration

 

 

Related Weaknesses

CWE-668

 

Consequences

Availability: DoS: Amplification

 

Potential Mitigations

Phase: System Configuration

Effectiveness: High

Description: 

Assign IP addresses that are not 0.0.0.0.

Phase: System Configuration

Effectiveness: High

Description: 

Unwanted connections to the configured server may be denied through a firewall or other packet filtering measures.

CVE References