MidnightBSD

Advisories for phoenix_contact_gmbh

CVE-2017-7935 HIGH

A Resource Exhaustion issue was discovered in Phoenix Contact GmbH mGuard firmware versions 8.3.0 to 8.4.2. An attacker may compromise the device's availability by performing multiple initial VPN requests.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-400,CWE-400,

Products Affected

Vendor Product Version
phoenix_contact_gmbh mguard_firmware 8.4.1
phoenix_contact_gmbh mguard_firmware 8.3.0
phoenix_contact_gmbh mguard_firmware 8.3.1
phoenix_contact_gmbh mguard_firmware 8.4.0
phoenix_contact_gmbh mguard_firmware 8.4.2
phoenix_contact_gmbh mguard_firmware 8.3.2
CVE-2017-7937 MEDIUM

An Improper Authentication issue was discovered in Phoenix Contact GmbH mGuard firmware versions 8.3.0 to 8.4.2. An attacker may be able to gain unauthorized access to the user firewall when RADIUS servers are unreachable.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,CWE-287,

Products Affected

Vendor Product Version
phoenix_contact_gmbh mguard_firmware 8.4.1
phoenix_contact_gmbh mguard_firmware 8.3.0
phoenix_contact_gmbh mguard_firmware 8.3.1
phoenix_contact_gmbh mguard_firmware 8.4.0
phoenix_contact_gmbh mguard_firmware 8.4.2
phoenix_contact_gmbh mguard_firmware 8.3.2