The only thing is that you’re not saying “all addresses should have access” — that’s done in your firewall(s) and/or the server software and/or other security layers like tcpwrappers.
0.0.0.0, in this context, means “all IP addresses on the local machine” (in fact probably, “all IPv4 addresses on the local machine”). So, if your webserver machine has two IP addresses, 192.168.1.1 and 10.1.2.1, and you allow a webserver daemon like apache to listen on 0.0.0.0, it will be reachable at both of those IP addresses. But only to what can contact those IP addresses and the web port(s).
Note that, in a different context (routing) 0.0.0.0 usually means the default route (the route to “the rest of” the internet, aside from routes in your local network etc.).