Lucene search
CERTVDECVELIST:CVE-2024-43389HistorySep 10, 2024 - 8:44 a.m.
CVE-2024-43389 Phoenix Contact: OSPF reconfiguration due to improper input validation in MGUARD devices
2024-09-1008:44:19
CWE-74
CERTVDE
www.cve.org
2
phoenix contact
mguard devices
improper input validation
ospf reconfiguration
dos
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
9.6%
A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2105",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4305",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
]References
Related
vulnrichment
vulnrichment
cve
cve
CVE-2024-43389
2024-09-10 09:15:05
nvd
nvd
CVE-2024-43389
2024-09-10 09:15:05
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
9.6%
Related for CVELIST:CVE-2024-43389