Vulnerabilites related to phoenixcontact - fl_mguard_rs4004_tx\/dtx
Vulnerability from fkie_nvd
Published
2024-09-10 09:15
Modified
2024-10-01 07:15
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Summary
A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-039 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02CC05-860D-442A-B973-643B51E13613",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D624EC2-7CEE-4ADC-A1D2-B0688AE23873",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0702823F-52B6-40D3-B598-AA6F8745DB85",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0910CB6C-8716-4A79-B43C-EB02B22AB632",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEE0407-9473-4810-BC8D-F9AC44C69219",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA0DA3D1-0599-4364-AF1A-2DAD50382A15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "053DB989-17D5-49E1-BF0A-814F80D0FF62",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8861227-5A7F-49CA-B0E6-5806C746B5B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB61681-FE91-4EA7-A431-446579A511C1",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD37990-FF75-4323-A8B1-7BEF9A0001D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "234CD8A4-BA72-47A5-8BAF-B449315A2202",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56CE797B-2D4B-41CC-888E-467F64BDB19C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "428076C7-97EC-47C9-B409-C1C9379A6E29",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40F4219D-1822-471E-88C0-7B6F5FB56A00",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D64F7DC-B719-46CF-8D6D-0E9CE24E5F31",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F287F24-13AD-4628-B724-E58A9F44E48B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74CBDC4F-31FE-430A-BD2B-95985E2B8959",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37A2DC0B-6B50-4E38-9585-B131DBCB9F51",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3AAE8C-4A1C-4DA7-B710-F1458E9E472E",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50690731-FA99-45B3-AF4C-C1DAD881CAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF284D31-EA9B-48F3-A261-78672D3A8BF3",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62C758-015E-4178-BA37-D463F95BD468",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7D20EC-CBAA-48C2-91A9-7964A64C5F51",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA35CCC1-2FE0-4FA7-A360-C2F9849476B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC86EA88-023D-477B-9138-6F16DC173EB0",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1726B1D9-3CAF-4C11-BB25-C7677B2CEE33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CADDBA01-FB75-4B02-B100-28E7BE105C80",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F88246FF-5453-4473-992B-AEEFE88ED41D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "732BF960-A8C6-4BF3-B58E-A142D1349560",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A87B204-19D0-4E12-B462-EB4BB25D196E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA76759-0346-4978-B865-4C11D733A381",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EEEC9DE-5CF5-4596-B64C-6CAA32110FA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DDAE7BE-54B1-472F-80D6-A5B3BC4F9035",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2005_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9887CEB-57EA-49A0-9CFD-910DAFE4A09D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1794B6-B631-488C-B7DC-7D3E79C0D9CA",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3051DBA5-8D2B-4630-8FA7-602AC7CB4576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBD929B-2E97-48F6-835E-9B217C846DE8",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428D6C77-0592-4031-933E-2CFE0AB58BA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD719D49-5D66-4E3F-896C-97D0BCF0C2C6",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A698B47-3DF4-4FAB-9AA6-425FF823F303",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A8A58D-90BC-4E6B-9CAD-7B8A72ACE990",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB6EF67-BB61-4661-977B-A4968641E9BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8775CE8-282C-498C-9EA2-542338025F1B",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FFEEEAD-22B2-49FC-8B2B-583D9DFFB291",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B608EB3-6BA1-4D4F-B3E4-31B984CD0B0F",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24EB7394-6BE3-44F4-A184-BA438200F532",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72335756-555D-413F-955B-02F57C6B8C01",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C3B0286-BD27-4032-B4FF-0A7481356039",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF8B1A6-81B0-4A50-A340-2BA68922F614",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12FBC961-F834-4334-948A-9FC9E613301D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAC710BB-60A5-4F43-AEF3-4BFCA13846F5",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9CB765-BEE4-4318-ADBD-EE241CA9FA31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E28ED34B-2510-48B6-A2A8-55EB0937ABCE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBF005C-9157-49E2-820F-C75B3828EDA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "050BE7DC-F22E-4022-A113-8A951170617A",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "577E14AD-C198-4E8B-AC31-FF89F3EB97C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A091DE68-F0CE-480D-BD5E-90BD582ED1AE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B549B2C1-42A9-4D05-B32D-6E08A2BECBEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29581AAB-05BC-43F2-9527-1377413529E4",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_centerport_vpn-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20459672-988A-403E-9073-37F3B38F972E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65B7E551-0057-48E6-AEA8-33588AA4C54C",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4305:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31D36718-F7F5-40E4-9A01-58475943AB8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16F72A3C-1E6A-4642-94C4-C2EA14C67A31",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C68D03F-E473-4F34-85FA-F7C81859E976",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73C34979-43F9-4D09-B8DD-64B741247AE5",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pcie:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCA6B7B-1420-4B75-8AF1-245C48A0809C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C5CD24-7FB6-4482-A9C6-22B35B3DFE47",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF36E8F0-08B9-46B2-B5E1-E207C70A0447",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEA88A13-7425-4EDB-89EC-BC68E6985FFA",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_2105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DF8E58-5E12-4214-B659-5FC6CEB18879",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC77981-EC77-4273-AAAA-0D715F6C75C6",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_2102:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3DCBF6-F308-4B53-A3CA-5A799A82F579",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS."
},
{
"lang": "es",
"value": "Un atacante remoto con pocos privilegios puede realizar cambios de configuraci\u00f3n de los servicios de firewall, incluido el reenv\u00edo de paquetes o NAT a trav\u00e9s de la variable de entorno FW_NAT.IN_IP, lo que puede provocar un DoS."
}
],
"id": "CVE-2024-43390",
"lastModified": "2024-10-01T07:15:04.083",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "info@cert.vde.com",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
},
"published": "2024-09-10T09:15:05.537",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "info@cert.vde.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-10 09:15
Modified
2024-10-01 07:15
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Summary
A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-039 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02CC05-860D-442A-B973-643B51E13613",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D624EC2-7CEE-4ADC-A1D2-B0688AE23873",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0702823F-52B6-40D3-B598-AA6F8745DB85",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0910CB6C-8716-4A79-B43C-EB02B22AB632",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEE0407-9473-4810-BC8D-F9AC44C69219",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA0DA3D1-0599-4364-AF1A-2DAD50382A15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "053DB989-17D5-49E1-BF0A-814F80D0FF62",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8861227-5A7F-49CA-B0E6-5806C746B5B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB61681-FE91-4EA7-A431-446579A511C1",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD37990-FF75-4323-A8B1-7BEF9A0001D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "234CD8A4-BA72-47A5-8BAF-B449315A2202",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56CE797B-2D4B-41CC-888E-467F64BDB19C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "428076C7-97EC-47C9-B409-C1C9379A6E29",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40F4219D-1822-471E-88C0-7B6F5FB56A00",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D64F7DC-B719-46CF-8D6D-0E9CE24E5F31",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F287F24-13AD-4628-B724-E58A9F44E48B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74CBDC4F-31FE-430A-BD2B-95985E2B8959",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37A2DC0B-6B50-4E38-9585-B131DBCB9F51",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3AAE8C-4A1C-4DA7-B710-F1458E9E472E",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50690731-FA99-45B3-AF4C-C1DAD881CAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF284D31-EA9B-48F3-A261-78672D3A8BF3",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62C758-015E-4178-BA37-D463F95BD468",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7D20EC-CBAA-48C2-91A9-7964A64C5F51",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA35CCC1-2FE0-4FA7-A360-C2F9849476B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC86EA88-023D-477B-9138-6F16DC173EB0",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1726B1D9-3CAF-4C11-BB25-C7677B2CEE33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CADDBA01-FB75-4B02-B100-28E7BE105C80",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F88246FF-5453-4473-992B-AEEFE88ED41D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "732BF960-A8C6-4BF3-B58E-A142D1349560",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A87B204-19D0-4E12-B462-EB4BB25D196E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA76759-0346-4978-B865-4C11D733A381",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EEEC9DE-5CF5-4596-B64C-6CAA32110FA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DDAE7BE-54B1-472F-80D6-A5B3BC4F9035",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2005_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9887CEB-57EA-49A0-9CFD-910DAFE4A09D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1794B6-B631-488C-B7DC-7D3E79C0D9CA",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3051DBA5-8D2B-4630-8FA7-602AC7CB4576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBD929B-2E97-48F6-835E-9B217C846DE8",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428D6C77-0592-4031-933E-2CFE0AB58BA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD719D49-5D66-4E3F-896C-97D0BCF0C2C6",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A698B47-3DF4-4FAB-9AA6-425FF823F303",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A8A58D-90BC-4E6B-9CAD-7B8A72ACE990",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB6EF67-BB61-4661-977B-A4968641E9BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8775CE8-282C-498C-9EA2-542338025F1B",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FFEEEAD-22B2-49FC-8B2B-583D9DFFB291",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B608EB3-6BA1-4D4F-B3E4-31B984CD0B0F",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24EB7394-6BE3-44F4-A184-BA438200F532",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72335756-555D-413F-955B-02F57C6B8C01",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C3B0286-BD27-4032-B4FF-0A7481356039",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF8B1A6-81B0-4A50-A340-2BA68922F614",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12FBC961-F834-4334-948A-9FC9E613301D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAC710BB-60A5-4F43-AEF3-4BFCA13846F5",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9CB765-BEE4-4318-ADBD-EE241CA9FA31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E28ED34B-2510-48B6-A2A8-55EB0937ABCE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBF005C-9157-49E2-820F-C75B3828EDA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "050BE7DC-F22E-4022-A113-8A951170617A",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "577E14AD-C198-4E8B-AC31-FF89F3EB97C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A091DE68-F0CE-480D-BD5E-90BD582ED1AE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B549B2C1-42A9-4D05-B32D-6E08A2BECBEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29581AAB-05BC-43F2-9527-1377413529E4",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_centerport_vpn-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20459672-988A-403E-9073-37F3B38F972E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65B7E551-0057-48E6-AEA8-33588AA4C54C",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4305:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31D36718-F7F5-40E4-9A01-58475943AB8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16F72A3C-1E6A-4642-94C4-C2EA14C67A31",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C68D03F-E473-4F34-85FA-F7C81859E976",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73C34979-43F9-4D09-B8DD-64B741247AE5",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pcie:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCA6B7B-1420-4B75-8AF1-245C48A0809C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C5CD24-7FB6-4482-A9C6-22B35B3DFE47",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF36E8F0-08B9-46B2-B5E1-E207C70A0447",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEA88A13-7425-4EDB-89EC-BC68E6985FFA",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_2105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DF8E58-5E12-4214-B659-5FC6CEB18879",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC77981-EC77-4273-AAAA-0D715F6C75C6",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_2102:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3DCBF6-F308-4B53-A3CA-5A799A82F579",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS."
},
{
"lang": "es",
"value": "Un atacante remoto con pocos privilegios puede realizar cambios de configuraci\u00f3n del servicio ospf a trav\u00e9s de las variables de entorno OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY, lo que puede provocar un DoS."
}
],
"id": "CVE-2024-43389",
"lastModified": "2024-10-01T07:15:03.560",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "info@cert.vde.com",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
},
"published": "2024-09-10T09:15:05.220",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "info@cert.vde.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-13 07:15
Modified
2024-11-21 07:59
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow UDP packets to bypass the filter rules and access the solely connected device behind the MGUARD which can be used for flooding attacks.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2023-010/ | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en/advisories/VDE-2023-010/ | Mitigation, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F71C16A4-6E49-4410-AA8C-F52175F2C81F",
"versionEndIncluding": "10.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_2102:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3DCBF6-F308-4B53-A3CA-5A799A82F579",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8D3F8A7-C70A-49C8-BFDB-94FBDDF4B760",
"versionEndIncluding": "10.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF36E8F0-08B9-46B2-B5E1-E207C70A0447",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A929557-FC2A-4809-9BA7-3FF3629F8843",
"versionEndIncluding": "10.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pcie:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCA6B7B-1420-4B75-8AF1-245C48A0809C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D194B1FF-8EFD-4A91-BDFE-BD4C56E4E8DC",
"versionEndIncluding": "10.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C68D03F-E473-4F34-85FA-F7C81859E976",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A83ED1AF-4FC7-40AA-BE7E-80102D91F2CA",
"versionEndIncluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_centerport:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BEE92D8-7DBB-4AC1-9448-EEB22978582D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D444AD1-C3BC-4068-9379-BEE3AF9D7AF6",
"versionEndIncluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_centerport_vpn-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20459672-988A-403E-9073-37F3B38F972E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33D224A9-55B5-4E11-9FFD-CBE813514DA2",
"versionEndIncluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B549B2C1-42A9-4D05-B32D-6E08A2BECBEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0F12859-3812-440E-9AB4-4E14DA93E484",
"versionEndIncluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "577E14AD-C198-4E8B-AC31-FF89F3EB97C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E13DE612-F455-4244-B404-4CF00DD53638",
"versionEndIncluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBF005C-9157-49E2-820F-C75B3828EDA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D876F46-E6D2-47A0-AE18-B546F8C0FA2A",
"versionEndIncluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9CB765-BEE4-4318-ADBD-EE241CA9FA31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "294A2CF6-9CAC-436E-B019-65810DD63227",
"versionEndIncluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12FBC961-F834-4334-948A-9FC9E613301D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D466F275-2D33-4C60-8CBD-95E8AE1DA25E",
"versionEndIncluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C3B0286-BD27-4032-B4FF-0A7481356039",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3928BADE-D59C-48C3-B83F-79B0DF05877F",
"versionEndIncluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24EB7394-6BE3-44F4-A184-BA438200F532",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D59F7109-B587-4D60-B63B-F15CE079620F",
"versionEndIncluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FFEEEAD-22B2-49FC-8B2B-583D9DFFB291",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5603B24-5AE7-4558-86BF-7F1F5655408A",
"versionEndIncluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB6EF67-BB61-4661-977B-A4968641E9BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52218352-E1A4-41C7-8122-1A9EF20D2525",
"versionEndIncluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A698B47-3DF4-4FAB-9AA6-425FF823F303",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3722A31C-19EB-4033-8092-3A895B3F6AE5",
"versionEndIncluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428D6C77-0592-4031-933E-2CFE0AB58BA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF53D73-F351-4D3D-B4F5-706C832878BF",
"versionEndIncluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3051DBA5-8D2B-4630-8FA7-602AC7CB4576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A49E717E-A607-4CDE-B1BD-30A9274027AD",
"versionEndIncluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2005_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9887CEB-57EA-49A0-9CFD-910DAFE4A09D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CAD4E586-91EE-4C33-A7AC-D2ABE8E90258",
"versionEndIncluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A87B204-19D0-4E12-B462-EB4BB25D196E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E01A1D9-D538-4BA1-A3B5-CC42DB18AA5B",
"versionEndIncluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F88246FF-5453-4473-992B-AEEFE88ED41D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "814303A0-DB3B-49AB-9097-BEE26D475B1B",
"versionEndIncluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1726B1D9-3CAF-4C11-BB25-C7677B2CEE33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05BE7876-D755-4560-BA4B-78CAF99F0DD3",
"versionEndIncluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA35CCC1-2FE0-4FA7-A360-C2F9849476B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B617A30-13C7-41B1-9741-A22D37F2E60B",
"versionEndIncluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62C758-015E-4178-BA37-D463F95BD468",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAF7C20-61B4-43CC-A1A7-18D215F769EA",
"versionEndIncluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50690731-FA99-45B3-AF4C-C1DAD881CAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE95FB8-1029-4027-95CA-C1B83D11BC2B",
"versionEndIncluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37A2DC0B-6B50-4E38-9585-B131DBCB9F51",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow\u00a0UDP packets to bypass the filter rules and access the solely connected device behind the MGUARD which can be used for flooding attacks."
}
],
"id": "CVE-2023-2673",
"lastModified": "2024-11-21T07:59:03.280",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "info@cert.vde.com",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
},
"published": "2023-06-13T07:15:46.460",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-010/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-010/"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1287"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-12-17 23:15
Modified
2024-11-21 04:59
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Summary
On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot even if they are disabled in the device configuration. For mGuard devices with integrated switch on the LAN side, single switch ports can be disabled by device configuration. After a reboot these ports get functional independent from their configuration setting: Missing Initialization of Resource
References
| ▶ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en-us/advisories/vde-2020-046 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en-us/advisories/vde-2020-046 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A23E2F36-6124-424D-AA03-634EBD6F0B6F",
"versionEndExcluding": "8.8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D624EC2-7CEE-4ADC-A1D2-B0688AE23873",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67439834-834F-4EBA-90DA-31CA956F3B1C",
"versionEndExcluding": "8.8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA0DA3D1-0599-4364-AF1A-2DAD50382A15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B238B828-18C9-4A47-AAC8-76EAD2FC791F",
"versionEndExcluding": "8.8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA35CCC1-2FE0-4FA7-A360-C2F9849476B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5437C9C1-CFFE-4F26-94B2-6AD74F083669",
"versionEndExcluding": "8.8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62C758-015E-4178-BA37-D463F95BD468",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB2F3D77-7685-4D59-88E7-5E85D28C1EA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8861227-5A7F-49CA-B0E6-5806C746B5B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "749E8750-1D7D-49E4-914D-E3ADFC6EF0A0",
"versionEndExcluding": "8.8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0910CB6C-8716-4A79-B43C-EB02B22AB632",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:innominate_mguard_rs4000_4tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8755CB8C-533E-4EB4-BB62-46886A3C34C4",
"versionEndExcluding": "8.8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:innominate_mguard_rs4000_4tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42EB9EFF-4D1B-4A48-AA37-54D5E18CD3CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:innominate_mguard_rs4000_4tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6870740D-65AA-40AD-BA84-FA6AF4DEEFD8",
"versionEndExcluding": "8.8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:innominate_mguard_rs4000_4tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D31B090-FA3C-4F01-87B9-7699CCFA4737",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:innominate_mguard_rs4000_4tx\\/3g\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3036E4C8-A09C-4983-9E8B-1528B962E151",
"versionEndExcluding": "8.8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:innominate_mguard_rs4000_4tx\\/3g\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FCE11B-E439-4D71-B9C3-E36D1B6AD587",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot even if they are disabled in the device configuration. For mGuard devices with integrated switch on the LAN side, single switch ports can be disabled by device configuration. After a reboot these ports get functional independent from their configuration setting: Missing Initialization of Resource"
},
{
"lang": "es",
"value": "En Phoenix Contact mGuard Devices versiones anteriores a 8.8.3, los puertos LAN funcionan despu\u00e9s del reinicio, inclusive si est\u00e1n desactivados en la configuraci\u00f3n del dispositivo.\u0026#xa0;Para los dispositivos mGuard con switch integrado en el lado de la LAN, los puertos switch \u00fanicos pueden ser desactivados mediante la configuraci\u00f3n del dispositivo.\u0026#xa0;Despu\u00e9s de un reinicio, estos puertos se vuelven funcionales independientemente de su configuraci\u00f3n: Falta la Inicializaci\u00f3n del Recurso"
}
],
"id": "CVE-2020-12523",
"lastModified": "2024-11-21T04:59:51.767",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "info@cert.vde.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-12-17T23:15:13.263",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-046"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-909"
}
],
"source": "info@cert.vde.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-909"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-10 09:15
Modified
2024-09-27 19:32
Severity ?
Summary
A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-039 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02CC05-860D-442A-B973-643B51E13613",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D624EC2-7CEE-4ADC-A1D2-B0688AE23873",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0702823F-52B6-40D3-B598-AA6F8745DB85",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0910CB6C-8716-4A79-B43C-EB02B22AB632",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEE0407-9473-4810-BC8D-F9AC44C69219",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA0DA3D1-0599-4364-AF1A-2DAD50382A15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "053DB989-17D5-49E1-BF0A-814F80D0FF62",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8861227-5A7F-49CA-B0E6-5806C746B5B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB61681-FE91-4EA7-A431-446579A511C1",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD37990-FF75-4323-A8B1-7BEF9A0001D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "234CD8A4-BA72-47A5-8BAF-B449315A2202",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56CE797B-2D4B-41CC-888E-467F64BDB19C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "428076C7-97EC-47C9-B409-C1C9379A6E29",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40F4219D-1822-471E-88C0-7B6F5FB56A00",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D64F7DC-B719-46CF-8D6D-0E9CE24E5F31",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F287F24-13AD-4628-B724-E58A9F44E48B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74CBDC4F-31FE-430A-BD2B-95985E2B8959",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37A2DC0B-6B50-4E38-9585-B131DBCB9F51",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3AAE8C-4A1C-4DA7-B710-F1458E9E472E",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50690731-FA99-45B3-AF4C-C1DAD881CAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF284D31-EA9B-48F3-A261-78672D3A8BF3",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62C758-015E-4178-BA37-D463F95BD468",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7D20EC-CBAA-48C2-91A9-7964A64C5F51",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA35CCC1-2FE0-4FA7-A360-C2F9849476B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC86EA88-023D-477B-9138-6F16DC173EB0",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1726B1D9-3CAF-4C11-BB25-C7677B2CEE33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CADDBA01-FB75-4B02-B100-28E7BE105C80",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F88246FF-5453-4473-992B-AEEFE88ED41D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "732BF960-A8C6-4BF3-B58E-A142D1349560",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A87B204-19D0-4E12-B462-EB4BB25D196E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA76759-0346-4978-B865-4C11D733A381",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EEEC9DE-5CF5-4596-B64C-6CAA32110FA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DDAE7BE-54B1-472F-80D6-A5B3BC4F9035",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2005_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9887CEB-57EA-49A0-9CFD-910DAFE4A09D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1794B6-B631-488C-B7DC-7D3E79C0D9CA",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3051DBA5-8D2B-4630-8FA7-602AC7CB4576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBD929B-2E97-48F6-835E-9B217C846DE8",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428D6C77-0592-4031-933E-2CFE0AB58BA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD719D49-5D66-4E3F-896C-97D0BCF0C2C6",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A698B47-3DF4-4FAB-9AA6-425FF823F303",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A8A58D-90BC-4E6B-9CAD-7B8A72ACE990",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB6EF67-BB61-4661-977B-A4968641E9BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8775CE8-282C-498C-9EA2-542338025F1B",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FFEEEAD-22B2-49FC-8B2B-583D9DFFB291",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B608EB3-6BA1-4D4F-B3E4-31B984CD0B0F",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24EB7394-6BE3-44F4-A184-BA438200F532",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72335756-555D-413F-955B-02F57C6B8C01",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C3B0286-BD27-4032-B4FF-0A7481356039",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF8B1A6-81B0-4A50-A340-2BA68922F614",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12FBC961-F834-4334-948A-9FC9E613301D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAC710BB-60A5-4F43-AEF3-4BFCA13846F5",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9CB765-BEE4-4318-ADBD-EE241CA9FA31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E28ED34B-2510-48B6-A2A8-55EB0937ABCE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBF005C-9157-49E2-820F-C75B3828EDA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "050BE7DC-F22E-4022-A113-8A951170617A",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "577E14AD-C198-4E8B-AC31-FF89F3EB97C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A091DE68-F0CE-480D-BD5E-90BD582ED1AE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B549B2C1-42A9-4D05-B32D-6E08A2BECBEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29581AAB-05BC-43F2-9527-1377413529E4",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_centerport_vpn-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20459672-988A-403E-9073-37F3B38F972E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65B7E551-0057-48E6-AEA8-33588AA4C54C",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4305:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31D36718-F7F5-40E4-9A01-58475943AB8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16F72A3C-1E6A-4642-94C4-C2EA14C67A31",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C68D03F-E473-4F34-85FA-F7C81859E976",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73C34979-43F9-4D09-B8DD-64B741247AE5",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pcie:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCA6B7B-1420-4B75-8AF1-245C48A0809C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C5CD24-7FB6-4482-A9C6-22B35B3DFE47",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF36E8F0-08B9-46B2-B5E1-E207C70A0447",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEA88A13-7425-4EDB-89EC-BC68E6985FFA",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_2105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DF8E58-5E12-4214-B659-5FC6CEB18879",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC77981-EC77-4273-AAAA-0D715F6C75C6",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_2102:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3DCBF6-F308-4B53-A3CA-5A799A82F579",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation."
},
{
"lang": "es",
"value": "Un atacante remoto con pocos privilegios y permisos de escritura puede reconfigurar el servicio SNMP debido a una validaci\u00f3n de entrada incorrecta."
}
],
"id": "CVE-2024-43388",
"lastModified": "2024-09-27T19:32:48.683",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2024-09-10T09:15:04.953",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "info@cert.vde.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-10 08:15
Modified
2024-09-28 23:56
Severity ?
Summary
An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. The impact is limited to blocking of valid IPsec VPN peers.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-052 | Mitigation, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02CC05-860D-442A-B973-643B51E13613",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D624EC2-7CEE-4ADC-A1D2-B0688AE23873",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0702823F-52B6-40D3-B598-AA6F8745DB85",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0910CB6C-8716-4A79-B43C-EB02B22AB632",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEE0407-9473-4810-BC8D-F9AC44C69219",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA0DA3D1-0599-4364-AF1A-2DAD50382A15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "053DB989-17D5-49E1-BF0A-814F80D0FF62",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8861227-5A7F-49CA-B0E6-5806C746B5B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB61681-FE91-4EA7-A431-446579A511C1",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD37990-FF75-4323-A8B1-7BEF9A0001D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "234CD8A4-BA72-47A5-8BAF-B449315A2202",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56CE797B-2D4B-41CC-888E-467F64BDB19C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "428076C7-97EC-47C9-B409-C1C9379A6E29",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40F4219D-1822-471E-88C0-7B6F5FB56A00",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D64F7DC-B719-46CF-8D6D-0E9CE24E5F31",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F287F24-13AD-4628-B724-E58A9F44E48B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74CBDC4F-31FE-430A-BD2B-95985E2B8959",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37A2DC0B-6B50-4E38-9585-B131DBCB9F51",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3AAE8C-4A1C-4DA7-B710-F1458E9E472E",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50690731-FA99-45B3-AF4C-C1DAD881CAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF284D31-EA9B-48F3-A261-78672D3A8BF3",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62C758-015E-4178-BA37-D463F95BD468",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7D20EC-CBAA-48C2-91A9-7964A64C5F51",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA35CCC1-2FE0-4FA7-A360-C2F9849476B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC86EA88-023D-477B-9138-6F16DC173EB0",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1726B1D9-3CAF-4C11-BB25-C7677B2CEE33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CADDBA01-FB75-4B02-B100-28E7BE105C80",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F88246FF-5453-4473-992B-AEEFE88ED41D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "732BF960-A8C6-4BF3-B58E-A142D1349560",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A87B204-19D0-4E12-B462-EB4BB25D196E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA76759-0346-4978-B865-4C11D733A381",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EEEC9DE-5CF5-4596-B64C-6CAA32110FA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DDAE7BE-54B1-472F-80D6-A5B3BC4F9035",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2005_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9887CEB-57EA-49A0-9CFD-910DAFE4A09D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1794B6-B631-488C-B7DC-7D3E79C0D9CA",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3051DBA5-8D2B-4630-8FA7-602AC7CB4576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBD929B-2E97-48F6-835E-9B217C846DE8",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428D6C77-0592-4031-933E-2CFE0AB58BA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD719D49-5D66-4E3F-896C-97D0BCF0C2C6",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A698B47-3DF4-4FAB-9AA6-425FF823F303",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A8A58D-90BC-4E6B-9CAD-7B8A72ACE990",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB6EF67-BB61-4661-977B-A4968641E9BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8775CE8-282C-498C-9EA2-542338025F1B",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FFEEEAD-22B2-49FC-8B2B-583D9DFFB291",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B608EB3-6BA1-4D4F-B3E4-31B984CD0B0F",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24EB7394-6BE3-44F4-A184-BA438200F532",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72335756-555D-413F-955B-02F57C6B8C01",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C3B0286-BD27-4032-B4FF-0A7481356039",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF8B1A6-81B0-4A50-A340-2BA68922F614",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12FBC961-F834-4334-948A-9FC9E613301D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAC710BB-60A5-4F43-AEF3-4BFCA13846F5",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9CB765-BEE4-4318-ADBD-EE241CA9FA31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E28ED34B-2510-48B6-A2A8-55EB0937ABCE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBF005C-9157-49E2-820F-C75B3828EDA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "050BE7DC-F22E-4022-A113-8A951170617A",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "577E14AD-C198-4E8B-AC31-FF89F3EB97C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A091DE68-F0CE-480D-BD5E-90BD582ED1AE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B549B2C1-42A9-4D05-B32D-6E08A2BECBEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29581AAB-05BC-43F2-9527-1377413529E4",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_centerport_vpn-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20459672-988A-403E-9073-37F3B38F972E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65B7E551-0057-48E6-AEA8-33588AA4C54C",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4305:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31D36718-F7F5-40E4-9A01-58475943AB8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16F72A3C-1E6A-4642-94C4-C2EA14C67A31",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C68D03F-E473-4F34-85FA-F7C81859E976",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73C34979-43F9-4D09-B8DD-64B741247AE5",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pcie:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCA6B7B-1420-4B75-8AF1-245C48A0809C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C5CD24-7FB6-4482-A9C6-22B35B3DFE47",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF36E8F0-08B9-46B2-B5E1-E207C70A0447",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEA88A13-7425-4EDB-89EC-BC68E6985FFA",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_2105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DF8E58-5E12-4214-B659-5FC6CEB18879",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC77981-EC77-4273-AAAA-0D715F6C75C6",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_2102:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3DCBF6-F308-4B53-A3CA-5A799A82F579",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote attacker can\u00a0exploit the behavior of the\u00a0pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. The impact is limited to\u00a0blocking of valid IPsec VPN peers."
},
{
"lang": "es",
"value": "Un atacante remoto no autenticado puede explotar el comportamiento del servicio de encapsulaci\u00f3n TCP de Pathfinder estableciendo una gran cantidad de conexiones TCP con dicho servicio. El impacto se limita al bloqueo de pares VPN IPsec v\u00e1lidos."
}
],
"id": "CVE-2024-7734",
"lastModified": "2024-09-28T23:56:32.053",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2024-09-10T08:15:04.020",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-052"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-10 09:15
Modified
2024-09-27 19:33
Severity ?
Summary
A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAIL_NOTIFICATION.TO in mGuard devices.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-039 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02CC05-860D-442A-B973-643B51E13613",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D624EC2-7CEE-4ADC-A1D2-B0688AE23873",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0702823F-52B6-40D3-B598-AA6F8745DB85",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0910CB6C-8716-4A79-B43C-EB02B22AB632",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEE0407-9473-4810-BC8D-F9AC44C69219",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA0DA3D1-0599-4364-AF1A-2DAD50382A15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "053DB989-17D5-49E1-BF0A-814F80D0FF62",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8861227-5A7F-49CA-B0E6-5806C746B5B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB61681-FE91-4EA7-A431-446579A511C1",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD37990-FF75-4323-A8B1-7BEF9A0001D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "234CD8A4-BA72-47A5-8BAF-B449315A2202",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56CE797B-2D4B-41CC-888E-467F64BDB19C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "428076C7-97EC-47C9-B409-C1C9379A6E29",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40F4219D-1822-471E-88C0-7B6F5FB56A00",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D64F7DC-B719-46CF-8D6D-0E9CE24E5F31",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F287F24-13AD-4628-B724-E58A9F44E48B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74CBDC4F-31FE-430A-BD2B-95985E2B8959",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37A2DC0B-6B50-4E38-9585-B131DBCB9F51",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3AAE8C-4A1C-4DA7-B710-F1458E9E472E",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50690731-FA99-45B3-AF4C-C1DAD881CAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF284D31-EA9B-48F3-A261-78672D3A8BF3",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62C758-015E-4178-BA37-D463F95BD468",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7D20EC-CBAA-48C2-91A9-7964A64C5F51",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA35CCC1-2FE0-4FA7-A360-C2F9849476B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC86EA88-023D-477B-9138-6F16DC173EB0",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1726B1D9-3CAF-4C11-BB25-C7677B2CEE33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CADDBA01-FB75-4B02-B100-28E7BE105C80",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F88246FF-5453-4473-992B-AEEFE88ED41D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "732BF960-A8C6-4BF3-B58E-A142D1349560",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A87B204-19D0-4E12-B462-EB4BB25D196E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA76759-0346-4978-B865-4C11D733A381",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EEEC9DE-5CF5-4596-B64C-6CAA32110FA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DDAE7BE-54B1-472F-80D6-A5B3BC4F9035",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2005_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9887CEB-57EA-49A0-9CFD-910DAFE4A09D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1794B6-B631-488C-B7DC-7D3E79C0D9CA",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3051DBA5-8D2B-4630-8FA7-602AC7CB4576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBD929B-2E97-48F6-835E-9B217C846DE8",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428D6C77-0592-4031-933E-2CFE0AB58BA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD719D49-5D66-4E3F-896C-97D0BCF0C2C6",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A698B47-3DF4-4FAB-9AA6-425FF823F303",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A8A58D-90BC-4E6B-9CAD-7B8A72ACE990",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB6EF67-BB61-4661-977B-A4968641E9BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8775CE8-282C-498C-9EA2-542338025F1B",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FFEEEAD-22B2-49FC-8B2B-583D9DFFB291",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B608EB3-6BA1-4D4F-B3E4-31B984CD0B0F",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24EB7394-6BE3-44F4-A184-BA438200F532",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72335756-555D-413F-955B-02F57C6B8C01",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C3B0286-BD27-4032-B4FF-0A7481356039",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF8B1A6-81B0-4A50-A340-2BA68922F614",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12FBC961-F834-4334-948A-9FC9E613301D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAC710BB-60A5-4F43-AEF3-4BFCA13846F5",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9CB765-BEE4-4318-ADBD-EE241CA9FA31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E28ED34B-2510-48B6-A2A8-55EB0937ABCE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBF005C-9157-49E2-820F-C75B3828EDA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "050BE7DC-F22E-4022-A113-8A951170617A",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "577E14AD-C198-4E8B-AC31-FF89F3EB97C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A091DE68-F0CE-480D-BD5E-90BD582ED1AE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B549B2C1-42A9-4D05-B32D-6E08A2BECBEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29581AAB-05BC-43F2-9527-1377413529E4",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_centerport_vpn-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20459672-988A-403E-9073-37F3B38F972E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65B7E551-0057-48E6-AEA8-33588AA4C54C",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4305:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31D36718-F7F5-40E4-9A01-58475943AB8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16F72A3C-1E6A-4642-94C4-C2EA14C67A31",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C68D03F-E473-4F34-85FA-F7C81859E976",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73C34979-43F9-4D09-B8DD-64B741247AE5",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pcie:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCA6B7B-1420-4B75-8AF1-245C48A0809C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C5CD24-7FB6-4482-A9C6-22B35B3DFE47",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF36E8F0-08B9-46B2-B5E1-E207C70A0447",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEA88A13-7425-4EDB-89EC-BC68E6985FFA",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_2105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DF8E58-5E12-4214-B659-5FC6CEB18879",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC77981-EC77-4273-AAAA-0D715F6C75C6",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_2102:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3DCBF6-F308-4B53-A3CA-5A799A82F579",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAIL_NOTIFICATION.TO in\u00a0mGuard devices."
},
{
"lang": "es",
"value": "Un atacante remoto con pocos privilegios puede desencadenar la ejecuci\u00f3n de comandos arbitrarios del sistema operativo como superusuario debido a la neutralizaci\u00f3n incorrecta de elementos especiales en la variable EMAIL_NOTIFICATION.TO en los dispositivos mGuard."
}
],
"id": "CVE-2024-43386",
"lastModified": "2024-09-27T19:33:22.077",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2024-09-10T09:15:04.400",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "info@cert.vde.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-10 09:15
Modified
2024-10-01 07:15
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Summary
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_PORTFORWARDING.SRC_IP environment variable which can lead to a DoS.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-039 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02CC05-860D-442A-B973-643B51E13613",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D624EC2-7CEE-4ADC-A1D2-B0688AE23873",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0702823F-52B6-40D3-B598-AA6F8745DB85",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0910CB6C-8716-4A79-B43C-EB02B22AB632",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEE0407-9473-4810-BC8D-F9AC44C69219",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA0DA3D1-0599-4364-AF1A-2DAD50382A15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "053DB989-17D5-49E1-BF0A-814F80D0FF62",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8861227-5A7F-49CA-B0E6-5806C746B5B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB61681-FE91-4EA7-A431-446579A511C1",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD37990-FF75-4323-A8B1-7BEF9A0001D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "234CD8A4-BA72-47A5-8BAF-B449315A2202",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56CE797B-2D4B-41CC-888E-467F64BDB19C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "428076C7-97EC-47C9-B409-C1C9379A6E29",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40F4219D-1822-471E-88C0-7B6F5FB56A00",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D64F7DC-B719-46CF-8D6D-0E9CE24E5F31",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F287F24-13AD-4628-B724-E58A9F44E48B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74CBDC4F-31FE-430A-BD2B-95985E2B8959",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37A2DC0B-6B50-4E38-9585-B131DBCB9F51",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3AAE8C-4A1C-4DA7-B710-F1458E9E472E",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50690731-FA99-45B3-AF4C-C1DAD881CAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF284D31-EA9B-48F3-A261-78672D3A8BF3",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62C758-015E-4178-BA37-D463F95BD468",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7D20EC-CBAA-48C2-91A9-7964A64C5F51",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA35CCC1-2FE0-4FA7-A360-C2F9849476B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC86EA88-023D-477B-9138-6F16DC173EB0",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1726B1D9-3CAF-4C11-BB25-C7677B2CEE33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CADDBA01-FB75-4B02-B100-28E7BE105C80",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F88246FF-5453-4473-992B-AEEFE88ED41D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "732BF960-A8C6-4BF3-B58E-A142D1349560",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A87B204-19D0-4E12-B462-EB4BB25D196E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA76759-0346-4978-B865-4C11D733A381",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EEEC9DE-5CF5-4596-B64C-6CAA32110FA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DDAE7BE-54B1-472F-80D6-A5B3BC4F9035",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2005_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9887CEB-57EA-49A0-9CFD-910DAFE4A09D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1794B6-B631-488C-B7DC-7D3E79C0D9CA",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3051DBA5-8D2B-4630-8FA7-602AC7CB4576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBD929B-2E97-48F6-835E-9B217C846DE8",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428D6C77-0592-4031-933E-2CFE0AB58BA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD719D49-5D66-4E3F-896C-97D0BCF0C2C6",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A698B47-3DF4-4FAB-9AA6-425FF823F303",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A8A58D-90BC-4E6B-9CAD-7B8A72ACE990",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB6EF67-BB61-4661-977B-A4968641E9BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8775CE8-282C-498C-9EA2-542338025F1B",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FFEEEAD-22B2-49FC-8B2B-583D9DFFB291",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B608EB3-6BA1-4D4F-B3E4-31B984CD0B0F",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24EB7394-6BE3-44F4-A184-BA438200F532",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72335756-555D-413F-955B-02F57C6B8C01",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C3B0286-BD27-4032-B4FF-0A7481356039",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF8B1A6-81B0-4A50-A340-2BA68922F614",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12FBC961-F834-4334-948A-9FC9E613301D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAC710BB-60A5-4F43-AEF3-4BFCA13846F5",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9CB765-BEE4-4318-ADBD-EE241CA9FA31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E28ED34B-2510-48B6-A2A8-55EB0937ABCE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBF005C-9157-49E2-820F-C75B3828EDA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "050BE7DC-F22E-4022-A113-8A951170617A",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "577E14AD-C198-4E8B-AC31-FF89F3EB97C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A091DE68-F0CE-480D-BD5E-90BD582ED1AE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B549B2C1-42A9-4D05-B32D-6E08A2BECBEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29581AAB-05BC-43F2-9527-1377413529E4",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_centerport_vpn-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20459672-988A-403E-9073-37F3B38F972E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65B7E551-0057-48E6-AEA8-33588AA4C54C",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4305:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31D36718-F7F5-40E4-9A01-58475943AB8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16F72A3C-1E6A-4642-94C4-C2EA14C67A31",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C68D03F-E473-4F34-85FA-F7C81859E976",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73C34979-43F9-4D09-B8DD-64B741247AE5",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pcie:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCA6B7B-1420-4B75-8AF1-245C48A0809C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C5CD24-7FB6-4482-A9C6-22B35B3DFE47",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF36E8F0-08B9-46B2-B5E1-E207C70A0447",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEA88A13-7425-4EDB-89EC-BC68E6985FFA",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_2105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DF8E58-5E12-4214-B659-5FC6CEB18879",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC77981-EC77-4273-AAAA-0D715F6C75C6",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_2102:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3DCBF6-F308-4B53-A3CA-5A799A82F579",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT\u00a0through the FW_PORTFORWARDING.SRC_IP environment variable which can lead to a DoS."
},
{
"lang": "es",
"value": "Un atacante remoto con pocos privilegios puede realizar cambios de configuraci\u00f3n de los servicios de firewall, incluido el filtrado de paquetes, el reenv\u00edo de paquetes, el control de acceso a la red o NAT a trav\u00e9s de la variable de entorno FW_PORTFORWARDING.SRC_IP, lo que puede provocar un DoS."
}
],
"id": "CVE-2024-43391",
"lastModified": "2024-10-01T07:15:04.530",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "info@cert.vde.com",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
},
"published": "2024-09-10T09:15:05.760",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "info@cert.vde.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-10 09:15
Modified
2024-09-27 19:33
Severity ?
Summary
A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable PROXY_HTTP_PORT in mGuard devices.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-039 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02CC05-860D-442A-B973-643B51E13613",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D624EC2-7CEE-4ADC-A1D2-B0688AE23873",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0702823F-52B6-40D3-B598-AA6F8745DB85",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0910CB6C-8716-4A79-B43C-EB02B22AB632",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEE0407-9473-4810-BC8D-F9AC44C69219",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA0DA3D1-0599-4364-AF1A-2DAD50382A15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "053DB989-17D5-49E1-BF0A-814F80D0FF62",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8861227-5A7F-49CA-B0E6-5806C746B5B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB61681-FE91-4EA7-A431-446579A511C1",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD37990-FF75-4323-A8B1-7BEF9A0001D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "234CD8A4-BA72-47A5-8BAF-B449315A2202",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56CE797B-2D4B-41CC-888E-467F64BDB19C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "428076C7-97EC-47C9-B409-C1C9379A6E29",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40F4219D-1822-471E-88C0-7B6F5FB56A00",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D64F7DC-B719-46CF-8D6D-0E9CE24E5F31",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F287F24-13AD-4628-B724-E58A9F44E48B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74CBDC4F-31FE-430A-BD2B-95985E2B8959",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37A2DC0B-6B50-4E38-9585-B131DBCB9F51",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3AAE8C-4A1C-4DA7-B710-F1458E9E472E",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50690731-FA99-45B3-AF4C-C1DAD881CAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF284D31-EA9B-48F3-A261-78672D3A8BF3",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62C758-015E-4178-BA37-D463F95BD468",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7D20EC-CBAA-48C2-91A9-7964A64C5F51",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA35CCC1-2FE0-4FA7-A360-C2F9849476B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC86EA88-023D-477B-9138-6F16DC173EB0",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1726B1D9-3CAF-4C11-BB25-C7677B2CEE33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CADDBA01-FB75-4B02-B100-28E7BE105C80",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F88246FF-5453-4473-992B-AEEFE88ED41D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "732BF960-A8C6-4BF3-B58E-A142D1349560",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A87B204-19D0-4E12-B462-EB4BB25D196E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA76759-0346-4978-B865-4C11D733A381",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EEEC9DE-5CF5-4596-B64C-6CAA32110FA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DDAE7BE-54B1-472F-80D6-A5B3BC4F9035",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2005_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9887CEB-57EA-49A0-9CFD-910DAFE4A09D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1794B6-B631-488C-B7DC-7D3E79C0D9CA",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3051DBA5-8D2B-4630-8FA7-602AC7CB4576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBD929B-2E97-48F6-835E-9B217C846DE8",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428D6C77-0592-4031-933E-2CFE0AB58BA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD719D49-5D66-4E3F-896C-97D0BCF0C2C6",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A698B47-3DF4-4FAB-9AA6-425FF823F303",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A8A58D-90BC-4E6B-9CAD-7B8A72ACE990",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB6EF67-BB61-4661-977B-A4968641E9BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8775CE8-282C-498C-9EA2-542338025F1B",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FFEEEAD-22B2-49FC-8B2B-583D9DFFB291",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B608EB3-6BA1-4D4F-B3E4-31B984CD0B0F",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24EB7394-6BE3-44F4-A184-BA438200F532",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72335756-555D-413F-955B-02F57C6B8C01",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C3B0286-BD27-4032-B4FF-0A7481356039",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF8B1A6-81B0-4A50-A340-2BA68922F614",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12FBC961-F834-4334-948A-9FC9E613301D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAC710BB-60A5-4F43-AEF3-4BFCA13846F5",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9CB765-BEE4-4318-ADBD-EE241CA9FA31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E28ED34B-2510-48B6-A2A8-55EB0937ABCE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBF005C-9157-49E2-820F-C75B3828EDA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "050BE7DC-F22E-4022-A113-8A951170617A",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "577E14AD-C198-4E8B-AC31-FF89F3EB97C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A091DE68-F0CE-480D-BD5E-90BD582ED1AE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B549B2C1-42A9-4D05-B32D-6E08A2BECBEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29581AAB-05BC-43F2-9527-1377413529E4",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_centerport_vpn-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20459672-988A-403E-9073-37F3B38F972E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65B7E551-0057-48E6-AEA8-33588AA4C54C",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4305:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31D36718-F7F5-40E4-9A01-58475943AB8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16F72A3C-1E6A-4642-94C4-C2EA14C67A31",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C68D03F-E473-4F34-85FA-F7C81859E976",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73C34979-43F9-4D09-B8DD-64B741247AE5",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pcie:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCA6B7B-1420-4B75-8AF1-245C48A0809C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C5CD24-7FB6-4482-A9C6-22B35B3DFE47",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF36E8F0-08B9-46B2-B5E1-E207C70A0447",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEA88A13-7425-4EDB-89EC-BC68E6985FFA",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_2105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DF8E58-5E12-4214-B659-5FC6CEB18879",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC77981-EC77-4273-AAAA-0D715F6C75C6",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_2102:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3DCBF6-F308-4B53-A3CA-5A799A82F579",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A low privileged remote attacker can trigger the\u00a0execution of arbitrary OS commands as root due to improper neutralization of special elements in\u00a0the variable PROXY_HTTP_PORT in\u00a0mGuard devices."
},
{
"lang": "es",
"value": "Un atacante remoto con pocos privilegios puede desencadenar la ejecuci\u00f3n de comandos arbitrarios del sistema operativo como superusuario debido a la neutralizaci\u00f3n incorrecta de elementos especiales en la variable PROXY_HTTP_PORT en los dispositivos mGuard."
}
],
"id": "CVE-2024-43385",
"lastModified": "2024-09-27T19:33:08.770",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2024-09-10T09:15:04.150",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-10 09:15
Modified
2024-09-27 19:39
Severity ?
Summary
A low privileged remote attacker can get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-039 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02CC05-860D-442A-B973-643B51E13613",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D624EC2-7CEE-4ADC-A1D2-B0688AE23873",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0702823F-52B6-40D3-B598-AA6F8745DB85",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0910CB6C-8716-4A79-B43C-EB02B22AB632",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEE0407-9473-4810-BC8D-F9AC44C69219",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA0DA3D1-0599-4364-AF1A-2DAD50382A15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "053DB989-17D5-49E1-BF0A-814F80D0FF62",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8861227-5A7F-49CA-B0E6-5806C746B5B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB61681-FE91-4EA7-A431-446579A511C1",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD37990-FF75-4323-A8B1-7BEF9A0001D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "234CD8A4-BA72-47A5-8BAF-B449315A2202",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56CE797B-2D4B-41CC-888E-467F64BDB19C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "428076C7-97EC-47C9-B409-C1C9379A6E29",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40F4219D-1822-471E-88C0-7B6F5FB56A00",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D64F7DC-B719-46CF-8D6D-0E9CE24E5F31",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F287F24-13AD-4628-B724-E58A9F44E48B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74CBDC4F-31FE-430A-BD2B-95985E2B8959",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37A2DC0B-6B50-4E38-9585-B131DBCB9F51",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3AAE8C-4A1C-4DA7-B710-F1458E9E472E",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50690731-FA99-45B3-AF4C-C1DAD881CAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF284D31-EA9B-48F3-A261-78672D3A8BF3",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62C758-015E-4178-BA37-D463F95BD468",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7D20EC-CBAA-48C2-91A9-7964A64C5F51",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA35CCC1-2FE0-4FA7-A360-C2F9849476B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC86EA88-023D-477B-9138-6F16DC173EB0",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1726B1D9-3CAF-4C11-BB25-C7677B2CEE33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CADDBA01-FB75-4B02-B100-28E7BE105C80",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F88246FF-5453-4473-992B-AEEFE88ED41D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "732BF960-A8C6-4BF3-B58E-A142D1349560",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A87B204-19D0-4E12-B462-EB4BB25D196E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA76759-0346-4978-B865-4C11D733A381",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EEEC9DE-5CF5-4596-B64C-6CAA32110FA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DDAE7BE-54B1-472F-80D6-A5B3BC4F9035",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2005_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9887CEB-57EA-49A0-9CFD-910DAFE4A09D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1794B6-B631-488C-B7DC-7D3E79C0D9CA",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3051DBA5-8D2B-4630-8FA7-602AC7CB4576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBD929B-2E97-48F6-835E-9B217C846DE8",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428D6C77-0592-4031-933E-2CFE0AB58BA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD719D49-5D66-4E3F-896C-97D0BCF0C2C6",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A698B47-3DF4-4FAB-9AA6-425FF823F303",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A8A58D-90BC-4E6B-9CAD-7B8A72ACE990",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB6EF67-BB61-4661-977B-A4968641E9BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8775CE8-282C-498C-9EA2-542338025F1B",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FFEEEAD-22B2-49FC-8B2B-583D9DFFB291",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B608EB3-6BA1-4D4F-B3E4-31B984CD0B0F",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24EB7394-6BE3-44F4-A184-BA438200F532",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72335756-555D-413F-955B-02F57C6B8C01",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C3B0286-BD27-4032-B4FF-0A7481356039",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF8B1A6-81B0-4A50-A340-2BA68922F614",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12FBC961-F834-4334-948A-9FC9E613301D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAC710BB-60A5-4F43-AEF3-4BFCA13846F5",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9CB765-BEE4-4318-ADBD-EE241CA9FA31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E28ED34B-2510-48B6-A2A8-55EB0937ABCE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBF005C-9157-49E2-820F-C75B3828EDA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "050BE7DC-F22E-4022-A113-8A951170617A",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "577E14AD-C198-4E8B-AC31-FF89F3EB97C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A091DE68-F0CE-480D-BD5E-90BD582ED1AE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B549B2C1-42A9-4D05-B32D-6E08A2BECBEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29581AAB-05BC-43F2-9527-1377413529E4",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_centerport_vpn-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20459672-988A-403E-9073-37F3B38F972E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65B7E551-0057-48E6-AEA8-33588AA4C54C",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4305:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31D36718-F7F5-40E4-9A01-58475943AB8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16F72A3C-1E6A-4642-94C4-C2EA14C67A31",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C68D03F-E473-4F34-85FA-F7C81859E976",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73C34979-43F9-4D09-B8DD-64B741247AE5",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pcie:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCA6B7B-1420-4B75-8AF1-245C48A0809C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C5CD24-7FB6-4482-A9C6-22B35B3DFE47",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF36E8F0-08B9-46B2-B5E1-E207C70A0447",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEA88A13-7425-4EDB-89EC-BC68E6985FFA",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_2105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DF8E58-5E12-4214-B659-5FC6CEB18879",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC77981-EC77-4273-AAAA-0D715F6C75C6",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_2102:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3DCBF6-F308-4B53-A3CA-5A799A82F579",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A low privileged remote attacker can\u00a0get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks."
},
{
"lang": "es",
"value": "Un atacante remoto con pocos privilegios puede obtener acceso a tokens CSRF de usuarios con mayores privilegios, que pueden usarse para realizar ataques CSRF."
}
],
"id": "CVE-2024-7698",
"lastModified": "2024-09-27T19:39:43.350",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2024-09-10T09:15:06.847",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-212"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-10 09:15
Modified
2024-09-27 18:59
Severity ?
Summary
An low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user data.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-039 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02CC05-860D-442A-B973-643B51E13613",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D624EC2-7CEE-4ADC-A1D2-B0688AE23873",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0702823F-52B6-40D3-B598-AA6F8745DB85",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0910CB6C-8716-4A79-B43C-EB02B22AB632",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEE0407-9473-4810-BC8D-F9AC44C69219",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA0DA3D1-0599-4364-AF1A-2DAD50382A15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "053DB989-17D5-49E1-BF0A-814F80D0FF62",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8861227-5A7F-49CA-B0E6-5806C746B5B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB61681-FE91-4EA7-A431-446579A511C1",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD37990-FF75-4323-A8B1-7BEF9A0001D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "234CD8A4-BA72-47A5-8BAF-B449315A2202",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56CE797B-2D4B-41CC-888E-467F64BDB19C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "428076C7-97EC-47C9-B409-C1C9379A6E29",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40F4219D-1822-471E-88C0-7B6F5FB56A00",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D64F7DC-B719-46CF-8D6D-0E9CE24E5F31",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F287F24-13AD-4628-B724-E58A9F44E48B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74CBDC4F-31FE-430A-BD2B-95985E2B8959",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37A2DC0B-6B50-4E38-9585-B131DBCB9F51",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3AAE8C-4A1C-4DA7-B710-F1458E9E472E",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50690731-FA99-45B3-AF4C-C1DAD881CAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF284D31-EA9B-48F3-A261-78672D3A8BF3",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62C758-015E-4178-BA37-D463F95BD468",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7D20EC-CBAA-48C2-91A9-7964A64C5F51",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA35CCC1-2FE0-4FA7-A360-C2F9849476B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC86EA88-023D-477B-9138-6F16DC173EB0",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1726B1D9-3CAF-4C11-BB25-C7677B2CEE33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CADDBA01-FB75-4B02-B100-28E7BE105C80",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F88246FF-5453-4473-992B-AEEFE88ED41D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "732BF960-A8C6-4BF3-B58E-A142D1349560",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A87B204-19D0-4E12-B462-EB4BB25D196E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA76759-0346-4978-B865-4C11D733A381",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EEEC9DE-5CF5-4596-B64C-6CAA32110FA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DDAE7BE-54B1-472F-80D6-A5B3BC4F9035",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2005_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9887CEB-57EA-49A0-9CFD-910DAFE4A09D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1794B6-B631-488C-B7DC-7D3E79C0D9CA",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3051DBA5-8D2B-4630-8FA7-602AC7CB4576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBD929B-2E97-48F6-835E-9B217C846DE8",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428D6C77-0592-4031-933E-2CFE0AB58BA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD719D49-5D66-4E3F-896C-97D0BCF0C2C6",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A698B47-3DF4-4FAB-9AA6-425FF823F303",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A8A58D-90BC-4E6B-9CAD-7B8A72ACE990",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB6EF67-BB61-4661-977B-A4968641E9BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8775CE8-282C-498C-9EA2-542338025F1B",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FFEEEAD-22B2-49FC-8B2B-583D9DFFB291",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B608EB3-6BA1-4D4F-B3E4-31B984CD0B0F",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24EB7394-6BE3-44F4-A184-BA438200F532",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72335756-555D-413F-955B-02F57C6B8C01",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C3B0286-BD27-4032-B4FF-0A7481356039",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF8B1A6-81B0-4A50-A340-2BA68922F614",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12FBC961-F834-4334-948A-9FC9E613301D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAC710BB-60A5-4F43-AEF3-4BFCA13846F5",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9CB765-BEE4-4318-ADBD-EE241CA9FA31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E28ED34B-2510-48B6-A2A8-55EB0937ABCE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBF005C-9157-49E2-820F-C75B3828EDA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "050BE7DC-F22E-4022-A113-8A951170617A",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "577E14AD-C198-4E8B-AC31-FF89F3EB97C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A091DE68-F0CE-480D-BD5E-90BD582ED1AE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B549B2C1-42A9-4D05-B32D-6E08A2BECBEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29581AAB-05BC-43F2-9527-1377413529E4",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_centerport_vpn-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20459672-988A-403E-9073-37F3B38F972E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65B7E551-0057-48E6-AEA8-33588AA4C54C",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4305:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31D36718-F7F5-40E4-9A01-58475943AB8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16F72A3C-1E6A-4642-94C4-C2EA14C67A31",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C68D03F-E473-4F34-85FA-F7C81859E976",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73C34979-43F9-4D09-B8DD-64B741247AE5",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pcie:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCA6B7B-1420-4B75-8AF1-245C48A0809C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C5CD24-7FB6-4482-A9C6-22B35B3DFE47",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF36E8F0-08B9-46B2-B5E1-E207C70A0447",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEA88A13-7425-4EDB-89EC-BC68E6985FFA",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_2105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DF8E58-5E12-4214-B659-5FC6CEB18879",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC77981-EC77-4273-AAAA-0D715F6C75C6",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_2102:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3DCBF6-F308-4B53-A3CA-5A799A82F579",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user data."
},
{
"lang": "es",
"value": "Un atacante remoto con pocos privilegios puede ejecutar comandos del sistema operativo con privilegios de superusuario debido a la neutralizaci\u00f3n incorrecta de elementos especiales en los datos del usuario."
}
],
"id": "CVE-2024-7699",
"lastModified": "2024-09-27T18:59:31.277",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2024-09-10T09:15:07.180",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-10 09:15
Modified
2024-10-01 07:15
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Summary
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP environment variable which can lead to a DoS.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-039 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02CC05-860D-442A-B973-643B51E13613",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D624EC2-7CEE-4ADC-A1D2-B0688AE23873",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0702823F-52B6-40D3-B598-AA6F8745DB85",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0910CB6C-8716-4A79-B43C-EB02B22AB632",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEE0407-9473-4810-BC8D-F9AC44C69219",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA0DA3D1-0599-4364-AF1A-2DAD50382A15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "053DB989-17D5-49E1-BF0A-814F80D0FF62",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8861227-5A7F-49CA-B0E6-5806C746B5B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB61681-FE91-4EA7-A431-446579A511C1",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD37990-FF75-4323-A8B1-7BEF9A0001D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "234CD8A4-BA72-47A5-8BAF-B449315A2202",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56CE797B-2D4B-41CC-888E-467F64BDB19C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "428076C7-97EC-47C9-B409-C1C9379A6E29",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40F4219D-1822-471E-88C0-7B6F5FB56A00",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D64F7DC-B719-46CF-8D6D-0E9CE24E5F31",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F287F24-13AD-4628-B724-E58A9F44E48B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74CBDC4F-31FE-430A-BD2B-95985E2B8959",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37A2DC0B-6B50-4E38-9585-B131DBCB9F51",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3AAE8C-4A1C-4DA7-B710-F1458E9E472E",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50690731-FA99-45B3-AF4C-C1DAD881CAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF284D31-EA9B-48F3-A261-78672D3A8BF3",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62C758-015E-4178-BA37-D463F95BD468",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7D20EC-CBAA-48C2-91A9-7964A64C5F51",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA35CCC1-2FE0-4FA7-A360-C2F9849476B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC86EA88-023D-477B-9138-6F16DC173EB0",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1726B1D9-3CAF-4C11-BB25-C7677B2CEE33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CADDBA01-FB75-4B02-B100-28E7BE105C80",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F88246FF-5453-4473-992B-AEEFE88ED41D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "732BF960-A8C6-4BF3-B58E-A142D1349560",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A87B204-19D0-4E12-B462-EB4BB25D196E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA76759-0346-4978-B865-4C11D733A381",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EEEC9DE-5CF5-4596-B64C-6CAA32110FA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DDAE7BE-54B1-472F-80D6-A5B3BC4F9035",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2005_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9887CEB-57EA-49A0-9CFD-910DAFE4A09D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1794B6-B631-488C-B7DC-7D3E79C0D9CA",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3051DBA5-8D2B-4630-8FA7-602AC7CB4576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBD929B-2E97-48F6-835E-9B217C846DE8",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428D6C77-0592-4031-933E-2CFE0AB58BA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD719D49-5D66-4E3F-896C-97D0BCF0C2C6",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A698B47-3DF4-4FAB-9AA6-425FF823F303",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A8A58D-90BC-4E6B-9CAD-7B8A72ACE990",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB6EF67-BB61-4661-977B-A4968641E9BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8775CE8-282C-498C-9EA2-542338025F1B",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FFEEEAD-22B2-49FC-8B2B-583D9DFFB291",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B608EB3-6BA1-4D4F-B3E4-31B984CD0B0F",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24EB7394-6BE3-44F4-A184-BA438200F532",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72335756-555D-413F-955B-02F57C6B8C01",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C3B0286-BD27-4032-B4FF-0A7481356039",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF8B1A6-81B0-4A50-A340-2BA68922F614",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12FBC961-F834-4334-948A-9FC9E613301D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAC710BB-60A5-4F43-AEF3-4BFCA13846F5",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9CB765-BEE4-4318-ADBD-EE241CA9FA31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E28ED34B-2510-48B6-A2A8-55EB0937ABCE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBF005C-9157-49E2-820F-C75B3828EDA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "050BE7DC-F22E-4022-A113-8A951170617A",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "577E14AD-C198-4E8B-AC31-FF89F3EB97C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A091DE68-F0CE-480D-BD5E-90BD582ED1AE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B549B2C1-42A9-4D05-B32D-6E08A2BECBEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29581AAB-05BC-43F2-9527-1377413529E4",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_centerport_vpn-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20459672-988A-403E-9073-37F3B38F972E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the\u00a0FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP environment variable which can lead to a DoS."
},
{
"lang": "es",
"value": "Un atacante remoto con pocos privilegios puede realizar cambios de configuraci\u00f3n de los servicios de firewall, incluido el filtrado de paquetes, el reenv\u00edo de paquetes, el control de acceso a la red o NAT a trav\u00e9s de la variable de entorno FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP lo que puede provocar un DoS."
}
],
"id": "CVE-2024-43392",
"lastModified": "2024-10-01T07:15:04.953",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "info@cert.vde.com",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
},
"published": "2024-09-10T09:15:06.100",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "info@cert.vde.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-11-15 11:15
Modified
2024-11-21 07:19
Severity ?
Summary
A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP’s. Configuring firewall limits for incoming connections cannot prevent the issue.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2022-051/ | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en/advisories/VDE-2022-051/ | Mitigation, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "414AA804-E8DE-4914-A7C2-230E7D92A13F",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_centerport:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BEE92D8-7DBB-4AC1-9448-EEB22978582D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C30A4296-82A3-4081-9C10-A2EBEBE5A2DA",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_centerport_vpn-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20459672-988A-403E-9073-37F3B38F972E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E52A933-FCAE-42CF-985D-E3DB511D3772",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B549B2C1-42A9-4D05-B32D-6E08A2BECBEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78A67B9B-571D-4B86-B2B1-44FB57B9EA31",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "577E14AD-C198-4E8B-AC31-FF89F3EB97C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F95F6CEB-0800-4938-AF1D-CA7499902EC9",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBF005C-9157-49E2-820F-C75B3828EDA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40FA6766-367C-4CA5-B5AB-67A5661F46E4",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9CB765-BEE4-4318-ADBD-EE241CA9FA31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9781910F-9E0D-4BEC-89CF-02D041846214",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12FBC961-F834-4334-948A-9FC9E613301D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FF5B970-E183-41FF-93E4-EE6F75BAB96A",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C3B0286-BD27-4032-B4FF-0A7481356039",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B642EB4B-37BE-4D63-B941-981AF54586CB",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24EB7394-6BE3-44F4-A184-BA438200F532",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BD3F825-9944-4E73-8AA4-B34CA25F8A7D",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FFEEEAD-22B2-49FC-8B2B-583D9DFFB291",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62EC7C50-65FD-497A-860E-7BDBEC97EFEC",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB6EF67-BB61-4661-977B-A4968641E9BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33E4DC7D-6680-4773-913E-71A1FCC54F1E",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A698B47-3DF4-4FAB-9AA6-425FF823F303",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBED3EC5-9BD2-44A3-9152-01DA97E5BAE1",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428D6C77-0592-4031-933E-2CFE0AB58BA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F71F0B5-FCA4-430D-B3F8-7475516586D2",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3051DBA5-8D2B-4630-8FA7-602AC7CB4576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06FDFAD9-0784-4244-B045-95C41B9057C9",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2005_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9887CEB-57EA-49A0-9CFD-910DAFE4A09D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3112ED4D-CE18-45A7-8860-F282689BC0BB",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EEEC9DE-5CF5-4596-B64C-6CAA32110FA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E84A1107-5088-423B-9370-46C5D8774D40",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A87B204-19D0-4E12-B462-EB4BB25D196E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51D6D95A-E970-436B-87CF-4046B7A73210",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F88246FF-5453-4473-992B-AEEFE88ED41D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B4B130B-1F9D-48FB-9987-975F8F37E067",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1726B1D9-3CAF-4C11-BB25-C7677B2CEE33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFD30EE8-3448-408E-A74F-CD5C5964FD3C",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA35CCC1-2FE0-4FA7-A360-C2F9849476B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40060365-3840-4646-B735-B1DE0E137335",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62C758-015E-4178-BA37-D463F95BD468",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACC704EF-D3BE-4729-B455-C7BD2D8D997B",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50690731-FA99-45B3-AF4C-C1DAD881CAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCE939ED-C442-42B6-BA17-A5EBA2F2772B",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37A2DC0B-6B50-4E38-9585-B131DBCB9F51",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5080002-E6AC-4D79-B6E5-374DFEE68DE8",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F287F24-13AD-4628-B724-E58A9F44E48B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C81BDB22-8110-48C6-95B7-A1826B451C7A",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40F4219D-1822-471E-88C0-7B6F5FB56A00",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCABFC35-6F39-4299-82AE-436E4F66C7DF",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56CE797B-2D4B-41CC-888E-467F64BDB19C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90E0D8A0-C9D2-4519-8331-1AF2B6C18B17",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD37990-FF75-4323-A8B1-7BEF9A0001D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33A7AF80-71B2-450E-AB9C-889663DFF92D",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8861227-5A7F-49CA-B0E6-5806C746B5B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D174C3B9-A37A-4CB9-9A6D-1AFA3E220EB2",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA0DA3D1-0599-4364-AF1A-2DAD50382A15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "397F71BD-8FED-4886-865F-54916EB3024C",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0910CB6C-8716-4A79-B43C-EB02B22AB632",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D55AC44A-08D0-4533-9849-06DA4AF3AC6F",
"versionEndExcluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D624EC2-7CEE-4ADC-A1D2-B0688AE23873",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP\u2019s. Configuring firewall limits for incoming connections cannot prevent the issue.\n"
},
{
"lang": "es",
"value": "Un atacante remoto no autenticado podr\u00eda provocar una Denegaci\u00f3n de Servicio (DoS) de los dispositivos PHOENIX CONTACT FL MGUARD y TC MGUARD inferiores a la versi\u00f3n 8.9.0 al enviar una mayor cantidad de conexiones HTTPS no autenticadas que se originan desde diferentes IP de origen. Configurar los l\u00edmites de firewall para conexiones entrantes no puede evitar el problema."
}
],
"id": "CVE-2022-3480",
"lastModified": "2024-11-21T07:19:37.263",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2022-11-15T11:15:12.100",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2022-051/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2022-051/"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-10 09:15
Modified
2024-09-27 19:33
Severity ?
Summary
A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAIL_RELAY_PASSWORD in mGuard devices.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-039 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02CC05-860D-442A-B973-643B51E13613",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D624EC2-7CEE-4ADC-A1D2-B0688AE23873",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0702823F-52B6-40D3-B598-AA6F8745DB85",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0910CB6C-8716-4A79-B43C-EB02B22AB632",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEE0407-9473-4810-BC8D-F9AC44C69219",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA0DA3D1-0599-4364-AF1A-2DAD50382A15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "053DB989-17D5-49E1-BF0A-814F80D0FF62",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8861227-5A7F-49CA-B0E6-5806C746B5B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB61681-FE91-4EA7-A431-446579A511C1",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD37990-FF75-4323-A8B1-7BEF9A0001D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "234CD8A4-BA72-47A5-8BAF-B449315A2202",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56CE797B-2D4B-41CC-888E-467F64BDB19C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "428076C7-97EC-47C9-B409-C1C9379A6E29",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40F4219D-1822-471E-88C0-7B6F5FB56A00",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D64F7DC-B719-46CF-8D6D-0E9CE24E5F31",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F287F24-13AD-4628-B724-E58A9F44E48B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74CBDC4F-31FE-430A-BD2B-95985E2B8959",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37A2DC0B-6B50-4E38-9585-B131DBCB9F51",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3AAE8C-4A1C-4DA7-B710-F1458E9E472E",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50690731-FA99-45B3-AF4C-C1DAD881CAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF284D31-EA9B-48F3-A261-78672D3A8BF3",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62C758-015E-4178-BA37-D463F95BD468",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7D20EC-CBAA-48C2-91A9-7964A64C5F51",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA35CCC1-2FE0-4FA7-A360-C2F9849476B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC86EA88-023D-477B-9138-6F16DC173EB0",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1726B1D9-3CAF-4C11-BB25-C7677B2CEE33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CADDBA01-FB75-4B02-B100-28E7BE105C80",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F88246FF-5453-4473-992B-AEEFE88ED41D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "732BF960-A8C6-4BF3-B58E-A142D1349560",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A87B204-19D0-4E12-B462-EB4BB25D196E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA76759-0346-4978-B865-4C11D733A381",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EEEC9DE-5CF5-4596-B64C-6CAA32110FA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DDAE7BE-54B1-472F-80D6-A5B3BC4F9035",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2005_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9887CEB-57EA-49A0-9CFD-910DAFE4A09D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1794B6-B631-488C-B7DC-7D3E79C0D9CA",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3051DBA5-8D2B-4630-8FA7-602AC7CB4576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBD929B-2E97-48F6-835E-9B217C846DE8",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428D6C77-0592-4031-933E-2CFE0AB58BA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD719D49-5D66-4E3F-896C-97D0BCF0C2C6",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A698B47-3DF4-4FAB-9AA6-425FF823F303",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A8A58D-90BC-4E6B-9CAD-7B8A72ACE990",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB6EF67-BB61-4661-977B-A4968641E9BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8775CE8-282C-498C-9EA2-542338025F1B",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FFEEEAD-22B2-49FC-8B2B-583D9DFFB291",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B608EB3-6BA1-4D4F-B3E4-31B984CD0B0F",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24EB7394-6BE3-44F4-A184-BA438200F532",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72335756-555D-413F-955B-02F57C6B8C01",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C3B0286-BD27-4032-B4FF-0A7481356039",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF8B1A6-81B0-4A50-A340-2BA68922F614",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12FBC961-F834-4334-948A-9FC9E613301D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAC710BB-60A5-4F43-AEF3-4BFCA13846F5",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9CB765-BEE4-4318-ADBD-EE241CA9FA31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E28ED34B-2510-48B6-A2A8-55EB0937ABCE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBF005C-9157-49E2-820F-C75B3828EDA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "050BE7DC-F22E-4022-A113-8A951170617A",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "577E14AD-C198-4E8B-AC31-FF89F3EB97C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A091DE68-F0CE-480D-BD5E-90BD582ED1AE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B549B2C1-42A9-4D05-B32D-6E08A2BECBEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29581AAB-05BC-43F2-9527-1377413529E4",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_centerport_vpn-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20459672-988A-403E-9073-37F3B38F972E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65B7E551-0057-48E6-AEA8-33588AA4C54C",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4305:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31D36718-F7F5-40E4-9A01-58475943AB8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16F72A3C-1E6A-4642-94C4-C2EA14C67A31",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C68D03F-E473-4F34-85FA-F7C81859E976",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73C34979-43F9-4D09-B8DD-64B741247AE5",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pcie:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCA6B7B-1420-4B75-8AF1-245C48A0809C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C5CD24-7FB6-4482-A9C6-22B35B3DFE47",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF36E8F0-08B9-46B2-B5E1-E207C70A0447",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEA88A13-7425-4EDB-89EC-BC68E6985FFA",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_2105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DF8E58-5E12-4214-B659-5FC6CEB18879",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC77981-EC77-4273-AAAA-0D715F6C75C6",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_2102:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3DCBF6-F308-4B53-A3CA-5A799A82F579",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAIL_RELAY_PASSWORD in mGuard devices."
},
{
"lang": "es",
"value": "Un atacante remoto con pocos privilegios puede leer y escribir archivos como superusuario debido a la neutralizaci\u00f3n incorrecta de elementos especiales en la variable EMAIL_RELAY_PASSWORD en los dispositivos mGuard."
}
],
"id": "CVE-2024-43387",
"lastModified": "2024-09-27T19:33:37.497",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2024-09-10T09:15:04.690",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-10 09:15
Modified
2024-10-01 07:15
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Summary
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP FW_RULESETS.FROM_IP FW_RULESETS.IN_IP environment variable which can lead to a DoS.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-039 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02CC05-860D-442A-B973-643B51E13613",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D624EC2-7CEE-4ADC-A1D2-B0688AE23873",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0702823F-52B6-40D3-B598-AA6F8745DB85",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0910CB6C-8716-4A79-B43C-EB02B22AB632",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEE0407-9473-4810-BC8D-F9AC44C69219",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA0DA3D1-0599-4364-AF1A-2DAD50382A15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "053DB989-17D5-49E1-BF0A-814F80D0FF62",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8861227-5A7F-49CA-B0E6-5806C746B5B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB61681-FE91-4EA7-A431-446579A511C1",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD37990-FF75-4323-A8B1-7BEF9A0001D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "234CD8A4-BA72-47A5-8BAF-B449315A2202",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56CE797B-2D4B-41CC-888E-467F64BDB19C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "428076C7-97EC-47C9-B409-C1C9379A6E29",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_att_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40F4219D-1822-471E-88C0-7B6F5FB56A00",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D64F7DC-B719-46CF-8D6D-0E9CE24E5F31",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_3g_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F287F24-13AD-4628-B724-E58A9F44E48B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74CBDC4F-31FE-430A-BD2B-95985E2B8959",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37A2DC0B-6B50-4E38-9585-B131DBCB9F51",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3AAE8C-4A1C-4DA7-B710-F1458E9E472E",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_smart2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50690731-FA99-45B3-AF4C-C1DAD881CAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF284D31-EA9B-48F3-A261-78672D3A8BF3",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62C758-015E-4178-BA37-D463F95BD468",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7D20EC-CBAA-48C2-91A9-7964A64C5F51",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\\/dtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA35CCC1-2FE0-4FA7-A360-C2F9849476B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC86EA88-023D-477B-9138-6F16DC173EB0",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1726B1D9-3CAF-4C11-BB25-C7677B2CEE33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CADDBA01-FB75-4B02-B100-28E7BE105C80",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F88246FF-5453-4473-992B-AEEFE88ED41D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "732BF960-A8C6-4BF3-B58E-A142D1349560",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A87B204-19D0-4E12-B462-EB4BB25D196E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA76759-0346-4978-B865-4C11D733A381",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EEEC9DE-5CF5-4596-B64C-6CAA32110FA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DDAE7BE-54B1-472F-80D6-A5B3BC4F9035",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2005_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9887CEB-57EA-49A0-9CFD-910DAFE4A09D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1794B6-B631-488C-B7DC-7D3E79C0D9CA",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3051DBA5-8D2B-4630-8FA7-602AC7CB4576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBD929B-2E97-48F6-835E-9B217C846DE8",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428D6C77-0592-4031-933E-2CFE0AB58BA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD719D49-5D66-4E3F-896C-97D0BCF0C2C6",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A698B47-3DF4-4FAB-9AA6-425FF823F303",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A8A58D-90BC-4E6B-9CAD-7B8A72ACE990",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB6EF67-BB61-4661-977B-A4968641E9BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8775CE8-282C-498C-9EA2-542338025F1B",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FFEEEAD-22B2-49FC-8B2B-583D9DFFB291",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B608EB3-6BA1-4D4F-B3E4-31B984CD0B0F",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_pci4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24EB7394-6BE3-44F4-A184-BA438200F532",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72335756-555D-413F-955B-02F57C6B8C01",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C3B0286-BD27-4032-B4FF-0A7481356039",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF8B1A6-81B0-4A50-A340-2BA68922F614",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_gt\\/gt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12FBC961-F834-4334-948A-9FC9E613301D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAC710BB-60A5-4F43-AEF3-4BFCA13846F5",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9CB765-BEE4-4318-ADBD-EE241CA9FA31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E28ED34B-2510-48B6-A2A8-55EB0937ABCE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\\/tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBF005C-9157-49E2-820F-C75B3828EDA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "050BE7DC-F22E-4022-A113-8A951170617A",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "577E14AD-C198-4E8B-AC31-FF89F3EB97C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A091DE68-F0CE-480D-BD5E-90BD582ED1AE",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_core_tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B549B2C1-42A9-4D05-B32D-6E08A2BECBEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29581AAB-05BC-43F2-9527-1377413529E4",
"versionEndExcluding": "8.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_centerport_vpn-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20459672-988A-403E-9073-37F3B38F972E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65B7E551-0057-48E6-AEA8-33588AA4C54C",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4305:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31D36718-F7F5-40E4-9A01-58475943AB8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16F72A3C-1E6A-4642-94C4-C2EA14C67A31",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C68D03F-E473-4F34-85FA-F7C81859E976",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73C34979-43F9-4D09-B8DD-64B741247AE5",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pcie:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCA6B7B-1420-4B75-8AF1-245C48A0809C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C5CD24-7FB6-4482-A9C6-22B35B3DFE47",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_4102_pci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF36E8F0-08B9-46B2-B5E1-E207C70A0447",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEA88A13-7425-4EDB-89EC-BC68E6985FFA",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_2105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DF8E58-5E12-4214-B659-5FC6CEB18879",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC77981-EC77-4273-AAAA-0D715F6C75C6",
"versionEndExcluding": "10.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_2102:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3DCBF6-F308-4B53-A3CA-5A799A82F579",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP FW_RULESETS.FROM_IP FW_RULESETS.IN_IP environment variable which can lead to a DoS."
},
{
"lang": "es",
"value": "Un atacante remoto con pocos privilegios puede realizar cambios de configuraci\u00f3n de los servicios de firewall, incluido el filtrado de paquetes, el reenv\u00edo de paquetes, el control de acceso a la red o NAT a trav\u00e9s de la variable de entorno FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP FW_RULESETS.FROM_IP FW_RULESETS.IN_IP lo que puede provocar un DoS."
}
],
"id": "CVE-2024-43393",
"lastModified": "2024-10-01T07:15:05.443",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "info@cert.vde.com",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
},
"published": "2024-09-10T09:15:06.367",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "info@cert.vde.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2024-7699 (GCVE-0-2024-7699)
Vulnerability from cvelistv5
Published
2024-09-10 08:42
Modified
2024-09-10 14:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
An low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user data.
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fl_mguard_smart2_vpn_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fl_mguard_4305_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tc_mguard_rs4000_4g_vzw_vpn_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7699",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T14:25:49.250812Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T14:25:56.498Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2105",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4305",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Andrea Palanca"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nozomi Networks Security Research Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user data.\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "An low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T08:42:55.635Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"source": {
"advisory": "VDE-2024-039",
"defect": [
"CERT@VDE#641656"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: OS command execution in MGUARD products",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-7699",
"datePublished": "2024-09-10T08:42:55.635Z",
"dateReserved": "2024-08-12T08:30:25.190Z",
"dateUpdated": "2024-09-10T14:25:56.498Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43386 (GCVE-0-2024-43386)
Vulnerability from cvelistv5
Published
2024-09-10 08:43
Modified
2024-09-10 14:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAIL_NOTIFICATION.TO in mGuard devices.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | PHOENIX CONTACT | FL MGUARD 2102 |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fl_mguard_smart2_vpn_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fl_mguard_4305_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tc_mguard_rs4000_4g_vzw_vpn_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43386",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T14:25:00.255471Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T14:25:13.169Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2105",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4305",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Andrea Palanca"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nozomi Networks Security Research Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAIL_NOTIFICATION.TO in\u0026nbsp;mGuard devices.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAIL_NOTIFICATION.TO in\u00a0mGuard devices."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T08:43:41.392Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"source": {
"advisory": "VDE-2024-039",
"defect": [
"CERT@VDE#641656"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: OS command execution through EMAIL_NOTIFICATION.TO in\u00a0mGuard devices.",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-43386",
"datePublished": "2024-09-10T08:43:41.392Z",
"dateReserved": "2024-08-12T08:30:16.359Z",
"dateUpdated": "2024-09-10T14:25:13.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7734 (GCVE-0-2024-7734)
Vulnerability from cvelistv5
Published
2024-09-10 08:03
Modified
2024-09-10 16:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Summary
An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. The impact is limited to blocking of valid IPsec VPN peers.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | PHOENIX CONTACT | FL MGUARD 2102 |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fl_mguard_smart2_vpn_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fl_mguard_4305_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tc_mguard_rs4000_4g_vzw_vpn_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7734",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:54:22.823770Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T16:00:45.691Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2105",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4305",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker can\u0026nbsp;exploit the behavior of the\u0026nbsp;pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. The impact is limited to\u0026nbsp;blocking of valid IPsec VPN peers.\u003cbr\u003e"
}
],
"value": "An unauthenticated remote attacker can\u00a0exploit the behavior of the\u00a0pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. The impact is limited to\u00a0blocking of valid IPsec VPN peers."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T08:03:19.477Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-052"
}
],
"source": {
"advisory": "VDE-2024-052",
"defect": [
"CERT@VDE#641676"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: Multiple mGuard devices are vulnerable to a drain of open file descriptors.",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-7734",
"datePublished": "2024-09-10T08:03:19.477Z",
"dateReserved": "2024-08-13T12:52:12.930Z",
"dateUpdated": "2024-09-10T16:00:45.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43385 (GCVE-0-2024-43385)
Vulnerability from cvelistv5
Published
2024-09-10 08:43
Modified
2024-09-10 14:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - :Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable PROXY_HTTP_PORT in mGuard devices.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | PHOENIX CONTACT | FL MGUARD 2102 |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fl_mguard_smart2_vpn_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fl_mguard_4305_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tc_mguard_rs4000_4g_vzw_vpn_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43385",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T14:25:23.534617Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T14:25:30.320Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2105",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4305",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Andrea Palanca"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nozomi Networks Security Research Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can trigger the\u0026nbsp;execution of arbitrary OS commands as root due to improper neutralization of special elements in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethe variable PROXY_HTTP_PORT in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003emGuard devices.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A low privileged remote attacker can trigger the\u00a0execution of arbitrary OS commands as root due to improper neutralization of special elements in\u00a0the variable PROXY_HTTP_PORT in\u00a0mGuard devices."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78:Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T08:43:25.556Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"source": {
"advisory": "VDE-2024-039",
"defect": [
"CERT@VDE#641656"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: OS command execution through PROXY_HTTP_PORT in\u00a0mGuard devices",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-43385",
"datePublished": "2024-09-10T08:43:25.556Z",
"dateReserved": "2024-08-12T08:30:16.359Z",
"dateUpdated": "2024-09-10T14:25:30.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43388 (GCVE-0-2024-43388)
Vulnerability from cvelistv5
Published
2024-09-10 08:44
Modified
2024-09-10 14:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Summary
A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | PHOENIX CONTACT | FL MGUARD 2102 |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fl_mguard_smart2_vpn_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fl_mguard_4305_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tc_mguard_rs4000_4g_vzw_vpn_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43388",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T13:46:11.213014Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T14:17:49.005Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2105",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4305",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Andrea Palanca"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nozomi Networks Security Research Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation.\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T08:44:06.550Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"source": {
"advisory": "VDE-2024-039",
"defect": [
"CERT@VDE#641656"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: SNMP reconfiguration due to improper input validation in MGUARD devices",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-43388",
"datePublished": "2024-09-10T08:44:06.550Z",
"dateReserved": "2024-08-12T08:30:16.360Z",
"dateUpdated": "2024-09-10T14:17:49.005Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43389 (GCVE-0-2024-43389)
Vulnerability from cvelistv5
Published
2024-09-10 08:44
Modified
2024-10-01 06:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Summary
A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | PHOENIX CONTACT | FL MGUARD 2102 |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43389",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T13:43:32.088676Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T13:44:29.029Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2105",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4305",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Andrea Palanca"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nozomi Networks Security Research Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS.\u003c/p\u003e"
}
],
"value": "A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T06:41:42.028Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"source": {
"advisory": "VDE-2024-039",
"defect": [
"CERT@VDE#641656"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: OSPF reconfiguration due to improper input validation in MGUARD devices",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-43389",
"datePublished": "2024-09-10T08:44:19.337Z",
"dateReserved": "2024-08-12T08:30:16.360Z",
"dateUpdated": "2024-10-01T06:41:42.028Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43392 (GCVE-0-2024-43392)
Vulnerability from cvelistv5
Published
2024-09-10 08:44
Modified
2024-10-01 06:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Summary
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP environment variable which can lead to a DoS.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | PHOENIX CONTACT | FL MGUARD 2102 |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43392",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T13:31:18.258271Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T13:31:26.163Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2105",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4305",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Andrea Palanca"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nozomi Networks Security Research Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the\u0026nbsp;FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP environment variable which can lead to a DoS.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the\u00a0FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP environment variable which can lead to a DoS."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T06:43:01.792Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"source": {
"advisory": "VDE-2024-039",
"defect": [
"CERT@VDE#641656"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: Firewall reconfiguration through the FW_environment variables in MGUARD devices",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-43392",
"datePublished": "2024-09-10T08:44:56.166Z",
"dateReserved": "2024-08-12T08:30:16.360Z",
"dateUpdated": "2024-10-01T06:43:01.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-3480 (GCVE-0-2022-3480)
Vulnerability from cvelistv5
Published
2022-11-15 10:58
Modified
2025-04-29 20:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Summary
A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP’s. Configuring firewall limits for incoming connections cannot prevent the issue.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | PHOENIX CONTACT | FL MGUARD CENTERPORT |
Version: 0 ≤ |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:14:01.485Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2022-051/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-3480",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-29T20:13:37.379872Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-29T20:13:45.498Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2022-11-15T09:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eby sending a larger number of unauthenticated HTTPS connections originating from different source IP\u2019s. Configuring firewall limits for incoming connections cannot prevent the issue.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP\u2019s. Configuring firewall limits for incoming connections cannot prevent the issue.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-469",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-469 HTTP DoS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-15T10:58:25.780Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2022-051/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to firmware version \u0026gt;= 8.9.0"
}
],
"value": "Upgrade to firmware version \u003e= 8.9.0"
}
],
"source": {
"advisory": "VDE-2022-051",
"defect": [
"CERT@VDE#64261"
],
"discovery": "EXTERNAL"
},
"title": "Denial-of-Service vulnerability in PHOENIX CONTACT mGuard product family",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2022-3480",
"datePublished": "2022-11-15T10:58:25.780Z",
"dateReserved": "2022-10-13T07:49:46.094Z",
"dateUpdated": "2025-04-29T20:13:45.498Z",
"requesterUserId": "a1e5283b-8f0d-401e-98b2-bc6219c0e8d1",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2673 (GCVE-0-2023-2673)
Vulnerability from cvelistv5
Published
2023-06-13 06:16
Modified
2025-01-03 01:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1287 - Improper Validation of Specified Type of Input
Summary
Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow UDP packets to bypass the filter rules and access the solely connected device behind the MGUARD which can be used for flooding attacks.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | PHOENIX CONTACT | FL MGUARD 2102 |
Version: 0 ≤ 10.1.1 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:33:04.323Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-010/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2673",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-03T01:56:43.558872Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-03T01:57:54.039Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "10.1.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "10.1.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "10.1.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "10.1.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow\u0026nbsp;UDP packets to bypass the filter rules and access the solely connected device behind the MGUARD which can be used for flooding attacks."
}
],
"value": "Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow\u00a0UDP packets to bypass the filter rules and access the solely connected device behind the MGUARD which can be used for flooding attacks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1287",
"description": "CWE-1287 Improper Validation of Specified Type of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T05:32:49.382Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-010/"
}
],
"source": {
"advisory": "VDE-2023-010",
"defect": [
"CERT@VDE#64497"
],
"discovery": "INTERNAL"
},
"title": "PHOENIX CONTACT: FL/TC MGUARD prone to Improper Input Validation",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-2673",
"datePublished": "2023-06-13T06:16:18.557Z",
"dateReserved": "2023-05-12T06:13:26.259Z",
"dateUpdated": "2025-01-03T01:57:54.039Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43393 (GCVE-0-2024-43393)
Vulnerability from cvelistv5
Published
2024-09-10 08:45
Modified
2024-10-01 06:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Summary
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP FW_RULESETS.FROM_IP FW_RULESETS.IN_IP environment variable which can lead to a DoS.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | PHOENIX CONTACT | FL MGUARD 2102 |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43393",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T13:30:58.571512Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T13:31:09.684Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2105",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4305",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Andrea Palanca"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nozomi Networks Security Research Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP FW_RULESETS.FROM_IP FW_RULESETS.IN_IP environment variable which can lead to a DoS.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP FW_RULESETS.FROM_IP FW_RULESETS.IN_IP environment variable which can lead to a DoS."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T06:43:28.510Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"source": {
"advisory": "VDE-2024-039",
"defect": [
"CERT@VDE#641656"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: Configuration changes of the firewall services can lead to DoS in MGUARD devices",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-43393",
"datePublished": "2024-09-10T08:45:10.306Z",
"dateReserved": "2024-08-12T08:30:16.360Z",
"dateUpdated": "2024-10-01T06:43:28.510Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7698 (GCVE-0-2024-7698)
Vulnerability from cvelistv5
Published
2024-09-10 08:42
Modified
2024-09-10 15:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-212 - Improper Removal of Sensitive Information Before Storage or Transfer
Summary
A low privileged remote attacker can get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | PHOENIX CONTACT | FL MGUARD 2102 |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7698",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:51:37.470535Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T15:51:48.345Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2105",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4305",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Andrea Palanca"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nozomi Networks Security Research Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can\u0026nbsp;get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A low privileged remote attacker can\u00a0get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-212",
"description": "CWE-212 Improper Removal of Sensitive Information Before Storage or Transfer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T08:42:42.629Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"source": {
"advisory": "VDE-2024-039",
"defect": [
"CERT@VDE#641656"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: Access to CSRF tokens of higher privileged users in MGUARD products",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-7698",
"datePublished": "2024-09-10T08:42:42.629Z",
"dateReserved": "2024-08-12T08:30:23.906Z",
"dateUpdated": "2024-09-10T15:51:48.345Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43387 (GCVE-0-2024-43387)
Vulnerability from cvelistv5
Published
2024-09-10 08:43
Modified
2024-09-10 14:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAIL_RELAY_PASSWORD in mGuard devices.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | PHOENIX CONTACT | FL MGUARD 2102 |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fl_mguard_smart2_vpn_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fl_mguard_4305_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tc_mguard_rs4000_4g_vzw_vpn_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43387",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T14:22:29.653702Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T14:22:52.652Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2105",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4305",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Andrea Palanca"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nozomi Networks Security Research Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAIL_RELAY_PASSWORD in mGuard devices.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAIL_RELAY_PASSWORD in mGuard devices."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T08:43:54.155Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"source": {
"advisory": "VDE-2024-039",
"defect": [
"CERT@VDE#641656"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: Access files due to improper neutralization of special elements in MGUARD devices",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-43387",
"datePublished": "2024-09-10T08:43:54.155Z",
"dateReserved": "2024-08-12T08:30:16.360Z",
"dateUpdated": "2024-09-10T14:22:52.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43391 (GCVE-0-2024-43391)
Vulnerability from cvelistv5
Published
2024-09-10 08:44
Modified
2024-10-01 06:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Summary
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_PORTFORWARDING.SRC_IP environment variable which can lead to a DoS.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | PHOENIX CONTACT | FL MGUARD 2102 |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43391",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T13:43:11.993032Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T13:43:56.307Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2105",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4305",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Andrea Palanca"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nozomi Networks Security Research Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT\u0026nbsp;through the FW_PORTFORWARDING.SRC_IP environment variable which can lead to a DoS.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT\u00a0through the FW_PORTFORWARDING.SRC_IP environment variable which can lead to a DoS."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T06:42:39.154Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"source": {
"advisory": "VDE-2024-039",
"defect": [
"CERT@VDE#641656"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: Firewall reconfiguration through the FW_PORTFORWARDING.SRC_IP in MGUARD devices",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-43391",
"datePublished": "2024-09-10T08:44:42.576Z",
"dateReserved": "2024-08-12T08:30:16.360Z",
"dateUpdated": "2024-10-01T06:42:39.154Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43390 (GCVE-0-2024-43390)
Vulnerability from cvelistv5
Published
2024-09-10 08:44
Modified
2024-10-01 06:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Summary
A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | PHOENIX CONTACT | FL MGUARD 2102 |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43390",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T13:43:23.510390Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T13:44:10.735Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2105",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4305",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Andrea Palanca"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nozomi Networks Security Research Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T06:42:15.614Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"source": {
"advisory": "VDE-2024-039",
"defect": [
"CERT@VDE#641656"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: Firewall reconfiguration due to improper input validation in MGUARD devices",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-43390",
"datePublished": "2024-09-10T08:44:30.792Z",
"dateReserved": "2024-08-12T08:30:16.360Z",
"dateUpdated": "2024-10-01T06:42:15.614Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12523 (GCVE-0-2020-12523)
Vulnerability from cvelistv5
Published
2020-12-17 22:43
Modified
2024-09-16 19:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-909 - Missing Initialization of Resource
Summary
On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot even if they are disabled in the device configuration. For mGuard devices with integrated switch on the LAN side, single switch ports can be disabled by device configuration. After a reboot these ports get functional independent from their configuration setting: Missing Initialization of Resource
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Phoenix Contact | TC MGUARD RS4000 4G VZW VPN (1010461) |
Version: unspecified < 8.8.3 |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:56:52.083Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-046"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TC MGUARD RS4000 4G VZW VPN (1010461)",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "8.8.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "TC MGUARD RS4000 4G ATT VPN (1010463)",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "8.8.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "FL MGUARD RS4004 TX/DTX (2701876)",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "8.8.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "FL MGUARD RS4004 TX/DTX VPN (2701877)",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "8.8.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "TC MGUARD RS4000 3G VPN (2903440)",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "8.8.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "TC MGUARD RS4000 4G VPN (2903586)",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "8.8.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Innominate mGuard rs4000 4TX/TX",
"vendor": "Innominate",
"versions": [
{
"lessThan": "8.8.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Innominate mGuard rs4000 4TX/TX VPN",
"vendor": "Innominate",
"versions": [
{
"lessThan": "8.8.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Innominate mGuard rs4000 4TX/3G/TX VPN",
"vendor": "Innominate",
"versions": [
{
"lessThan": "8.8.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by SMST Designers \u0026 Constructors B.V., Phoenix Contact reported to CERT@VDE"
}
],
"datePublic": "2020-12-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot even if they are disabled in the device configuration. For mGuard devices with integrated switch on the LAN side, single switch ports can be disabled by device configuration. After a reboot these ports get functional independent from their configuration setting: Missing Initialization of Resource"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-909",
"description": "CWE-909 Missing Initialization of Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-17T22:43:14",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-046"
}
],
"solutions": [
{
"lang": "en",
"value": "PHOENIX CONTACT recommends all mGuard users to upgrade to the firmware version 8.8.3."
}
],
"source": {
"advisory": "VDE-2020-046",
"defect": [
"VDE-2020-046"
],
"discovery": "EXTERNAL"
},
"title": "Phoenix Contact mGuard Devices versions before 8.8.3: LAN ports get functional after reboot even if they are disabled in the device configuration",
"workarounds": [
{
"lang": "en",
"value": "Instead of deactivating by configuration, network cables should be detached from affected switch ports."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "",
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2020-12-17T09:00:00.000Z",
"ID": "CVE-2020-12523",
"STATE": "PUBLIC",
"TITLE": "Phoenix Contact mGuard Devices versions before 8.8.3: LAN ports get functional after reboot even if they are disabled in the device configuration"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TC MGUARD RS4000 4G VZW VPN (1010461)",
"version": {
"version_data": [
{
"platform": "",
"version_affected": "\u003c",
"version_name": "",
"version_value": "8.8.3"
}
]
}
},
{
"product_name": "TC MGUARD RS4000 4G ATT VPN (1010463)",
"version": {
"version_data": [
{
"platform": "",
"version_affected": "\u003c",
"version_name": "",
"version_value": "8.8.3"
}
]
}
},
{
"product_name": "FL MGUARD RS4004 TX/DTX (2701876)",
"version": {
"version_data": [
{
"platform": "",
"version_affected": "\u003c",
"version_name": "",
"version_value": "8.8.3"
}
]
}
},
{
"product_name": "FL MGUARD RS4004 TX/DTX VPN (2701877)",
"version": {
"version_data": [
{
"platform": "",
"version_affected": "\u003c",
"version_name": "",
"version_value": "8.8.3"
}
]
}
},
{
"product_name": "TC MGUARD RS4000 3G VPN (2903440)",
"version": {
"version_data": [
{
"platform": "",
"version_affected": "\u003c",
"version_name": "",
"version_value": "8.8.3"
}
]
}
},
{
"product_name": "TC MGUARD RS4000 4G VPN (2903586)",
"version": {
"version_data": [
{
"platform": "",
"version_affected": "\u003c",
"version_name": "",
"version_value": "8.8.3"
}
]
}
}
]
},
"vendor_name": "Phoenix Contact"
},
{
"product": {
"product_data": [
{
"product_name": "Innominate mGuard rs4000 4TX/TX",
"version": {
"version_data": [
{
"platform": "",
"version_affected": "\u003c",
"version_name": "",
"version_value": "8.8.3"
}
]
}
},
{
"product_name": "Innominate mGuard rs4000 4TX/TX VPN",
"version": {
"version_data": [
{
"platform": "",
"version_affected": "\u003c",
"version_name": "",
"version_value": "8.8.3"
}
]
}
},
{
"product_name": "Innominate mGuard rs4000 4TX/3G/TX VPN",
"version": {
"version_data": [
{
"platform": "",
"version_affected": "\u003c",
"version_name": "",
"version_value": "8.8.3"
}
]
}
}
]
},
"vendor_name": "Innominate"
}
]
}
},
"configuration": [],
"credit": [
{
"lang": "eng",
"value": "Discovered by SMST Designers \u0026 Constructors B.V., Phoenix Contact reported to CERT@VDE"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot even if they are disabled in the device configuration. For mGuard devices with integrated switch on the LAN side, single switch ports can be disabled by device configuration. After a reboot these ports get functional independent from their configuration setting: Missing Initialization of Resource"
}
]
},
"exploit": [],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-909 Missing Initialization of Resource"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert.vde.com/en-us/advisories/vde-2020-046",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2020-046"
}
]
},
"solution": [
{
"lang": "en",
"value": "PHOENIX CONTACT recommends all mGuard users to upgrade to the firmware version 8.8.3."
}
],
"source": {
"advisory": "VDE-2020-046",
"defect": [
"VDE-2020-046"
],
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Instead of deactivating by configuration, network cables should be detached from affected switch ports."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2020-12523",
"datePublished": "2020-12-17T22:43:14.788183Z",
"dateReserved": "2020-04-30T00:00:00",
"dateUpdated": "2024-09-16T19:04:46.625Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}