Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for FL MGUARD by PHOENIX CONTACT

    CVE-2021-34598 (GCVE-0-2021-34598)

    Vulnerability from nvd – Published: 2021-11-10 11:22 – Updated: 2024-09-16 18:39
    VLAI
    Title
    Phoenix Contact: FL MGUARD lack of memory release in remote logging functionality
    Summary
    In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active
    CWE
    • CWE-401 - Improper Release of Memory Before Removing Last Reference
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD Affected: 1.4.0 , < FL MGUARD 1102 (No. 1153079)* (custom)
    Affected: 1.4.0 , < FL MGUARD 1105 (No. 1153078)* (custom)
    Create a notification for this product.
    Date Public
    2021-11-10 00:00
    Credits
    This vulnerability was discovered by a key customer. We kindly appreciate the coordinated disclosure of this vulnerability by the finder.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:19:47.409Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2021-046/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "FL MGUARD",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "FL MGUARD 1102 (No. 1153079)*",
                  "status": "affected",
                  "version": "1.4.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "FL MGUARD 1105 (No. 1153078)*",
                  "status": "affected",
                  "version": "1.4.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "This vulnerability was discovered by a key customer. We kindly appreciate the coordinated disclosure of this vulnerability by the finder."
            }
          ],
          "datePublic": "2021-11-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "CWE-401 Improper Release of Memory Before Removing Last Reference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-10T11:22:05.000Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/en/advisories/VDE-2021-046/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "PHOENIX CONTACT recomments to upgrade to firmware version 1.5.1 (or any later version)."
            }
          ],
          "source": {
            "advisory": "VDE-2021-046",
            "discovery": "EXTERNAL"
          },
          "title": "Phoenix Contact: FL MGUARD lack of memory release in remote logging functionality",
          "workarounds": [
            {
              "lang": "en",
              "value": "To prevent the possibility of an attack, it is recommended to deactivate remote logging."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "info@cert.vde.com",
              "DATE_PUBLIC": "2021-11-10T11:00:00.000Z",
              "ID": "CVE-2021-34598",
              "STATE": "PUBLIC",
              "TITLE": "Phoenix Contact: FL MGUARD lack of memory release in remote logging functionality"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "FL MGUARD",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003e=",
                                "version_name": "FL MGUARD 1102 (No. 1153079)",
                                "version_value": "1.4.0"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "FL MGUARD 1102 (No. 1153079)",
                                "version_value": "1.5.0 +1"
                              },
                              {
                                "version_affected": "\u003e=",
                                "version_name": "FL MGUARD 1105 (No. 1153078)",
                                "version_value": "1.4.0"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "FL MGUARD 1105 (No. 1153078)",
                                "version_value": "1.5.0 +1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "PHOENIX CONTACT"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "This vulnerability was discovered by a key customer. We kindly appreciate the coordinated disclosure of this vulnerability by the finder."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active"
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-401 Improper Release of Memory Before Removing Last Reference"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert.vde.com/en/advisories/VDE-2021-046/",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/en/advisories/VDE-2021-046/"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "PHOENIX CONTACT recomments to upgrade to firmware version 1.5.1 (or any later version)."
              }
            ],
            "source": {
              "advisory": "VDE-2021-046",
              "discovery": "EXTERNAL"
            },
            "work_around": [
              {
                "lang": "en",
                "value": "To prevent the possibility of an attack, it is recommended to deactivate remote logging."
              }
            ]
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2021-34598",
        "datePublished": "2021-11-10T11:22:05.667Z",
        "dateReserved": "2021-06-10T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:39:35.785Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34582 (GCVE-0-2021-34582)

    Vulnerability from nvd – Published: 2021-11-10 11:22 – Updated: 2024-09-16 20:11
    VLAI
    Title
    Phoenix Contact: FL MGUARD XSS through web-based management and REST API
    Summary
    In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 a user with high privileges can inject HTML code (XSS) through web-based management or the REST API with a manipulated certificate file.
    CWE
    • CWE-79 - Cross-site Scripting (XSS)
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD Affected: 1.4.0 , < FL MGUARD 1102 (No. 1153079)* (custom)
    Affected: 1.4.0 , < FL MGUARD 1105 (No. 1153078)* (custom)
    Create a notification for this product.
    Date Public
    2021-11-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:19:46.997Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2021-046/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "FL MGUARD",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "FL MGUARD 1102 (No. 1153079)*",
                  "status": "affected",
                  "version": "1.4.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "FL MGUARD 1105 (No. 1153078)*",
                  "status": "affected",
                  "version": "1.4.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-11-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 a user with high privileges can inject HTML code (XSS) through web-based management or the REST API with a manipulated certificate file."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Cross-site Scripting (XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-10T11:22:04.000Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/en/advisories/VDE-2021-046/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "PHOENIX CONTACT recomments to upgrade to firmware version 1.5.1 (or any later version)."
            }
          ],
          "source": {
            "advisory": "VDE-2021-046",
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: FL MGUARD XSS through web-based management and REST API",
          "workarounds": [
            {
              "lang": "en",
              "value": "If an untrusted user may have exploited the vulnerability, it is recommended to revoke access for that user, and to re-upload the certificates on the Basic settings \u003e LDAP and Logs \u003e Remote logging pages through the REST API (i.e., without viewing these pages in the web-based management)."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "info@cert.vde.com",
              "DATE_PUBLIC": "2021-11-10T11:00:00.000Z",
              "ID": "CVE-2021-34582",
              "STATE": "PUBLIC",
              "TITLE": "Phoenix Contact: FL MGUARD XSS through web-based management and REST API"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "FL MGUARD",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003e=",
                                "version_name": "FL MGUARD 1102 (No. 1153079)",
                                "version_value": "1.4.0"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "FL MGUARD 1102 (No. 1153079)",
                                "version_value": "1.5.0 +1"
                              },
                              {
                                "version_affected": "\u003e=",
                                "version_name": "FL MGUARD 1105 (No. 1153078)",
                                "version_value": "1.4.0"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "FL MGUARD 1105 (No. 1153078)",
                                "version_value": "1.5.0 +1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "PHOENIX CONTACT"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 a user with high privileges can inject HTML code (XSS) through web-based management or the REST API with a manipulated certificate file."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79 Cross-site Scripting (XSS)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert.vde.com/en/advisories/VDE-2021-046/",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/en/advisories/VDE-2021-046/"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "PHOENIX CONTACT recomments to upgrade to firmware version 1.5.1 (or any later version)."
              }
            ],
            "source": {
              "advisory": "VDE-2021-046",
              "discovery": "UNKNOWN"
            },
            "work_around": [
              {
                "lang": "en",
                "value": "If an untrusted user may have exploited the vulnerability, it is recommended to revoke access for that user, and to re-upload the certificates on the Basic settings \u003e LDAP and Logs \u003e Remote logging pages through the REST API (i.e., without viewing these pages in the web-based management)."
              }
            ]
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2021-34582",
        "datePublished": "2021-11-10T11:22:04.699Z",
        "dateReserved": "2021-06-10T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:11:38.654Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34598 (GCVE-0-2021-34598)

    Vulnerability from cvelistv5 – Published: 2021-11-10 11:22 – Updated: 2024-09-16 18:39
    VLAI
    Title
    Phoenix Contact: FL MGUARD lack of memory release in remote logging functionality
    Summary
    In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active
    CWE
    • CWE-401 - Improper Release of Memory Before Removing Last Reference
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD Affected: 1.4.0 , < FL MGUARD 1102 (No. 1153079)* (custom)
    Affected: 1.4.0 , < FL MGUARD 1105 (No. 1153078)* (custom)
    Create a notification for this product.
    Date Public
    2021-11-10 00:00
    Credits
    This vulnerability was discovered by a key customer. We kindly appreciate the coordinated disclosure of this vulnerability by the finder.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:19:47.409Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2021-046/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "FL MGUARD",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "FL MGUARD 1102 (No. 1153079)*",
                  "status": "affected",
                  "version": "1.4.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "FL MGUARD 1105 (No. 1153078)*",
                  "status": "affected",
                  "version": "1.4.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "This vulnerability was discovered by a key customer. We kindly appreciate the coordinated disclosure of this vulnerability by the finder."
            }
          ],
          "datePublic": "2021-11-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "CWE-401 Improper Release of Memory Before Removing Last Reference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-10T11:22:05.000Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/en/advisories/VDE-2021-046/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "PHOENIX CONTACT recomments to upgrade to firmware version 1.5.1 (or any later version)."
            }
          ],
          "source": {
            "advisory": "VDE-2021-046",
            "discovery": "EXTERNAL"
          },
          "title": "Phoenix Contact: FL MGUARD lack of memory release in remote logging functionality",
          "workarounds": [
            {
              "lang": "en",
              "value": "To prevent the possibility of an attack, it is recommended to deactivate remote logging."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "info@cert.vde.com",
              "DATE_PUBLIC": "2021-11-10T11:00:00.000Z",
              "ID": "CVE-2021-34598",
              "STATE": "PUBLIC",
              "TITLE": "Phoenix Contact: FL MGUARD lack of memory release in remote logging functionality"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "FL MGUARD",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003e=",
                                "version_name": "FL MGUARD 1102 (No. 1153079)",
                                "version_value": "1.4.0"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "FL MGUARD 1102 (No. 1153079)",
                                "version_value": "1.5.0 +1"
                              },
                              {
                                "version_affected": "\u003e=",
                                "version_name": "FL MGUARD 1105 (No. 1153078)",
                                "version_value": "1.4.0"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "FL MGUARD 1105 (No. 1153078)",
                                "version_value": "1.5.0 +1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "PHOENIX CONTACT"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "This vulnerability was discovered by a key customer. We kindly appreciate the coordinated disclosure of this vulnerability by the finder."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active"
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-401 Improper Release of Memory Before Removing Last Reference"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert.vde.com/en/advisories/VDE-2021-046/",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/en/advisories/VDE-2021-046/"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "PHOENIX CONTACT recomments to upgrade to firmware version 1.5.1 (or any later version)."
              }
            ],
            "source": {
              "advisory": "VDE-2021-046",
              "discovery": "EXTERNAL"
            },
            "work_around": [
              {
                "lang": "en",
                "value": "To prevent the possibility of an attack, it is recommended to deactivate remote logging."
              }
            ]
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2021-34598",
        "datePublished": "2021-11-10T11:22:05.667Z",
        "dateReserved": "2021-06-10T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:39:35.785Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34582 (GCVE-0-2021-34582)

    Vulnerability from cvelistv5 – Published: 2021-11-10 11:22 – Updated: 2024-09-16 20:11
    VLAI
    Title
    Phoenix Contact: FL MGUARD XSS through web-based management and REST API
    Summary
    In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 a user with high privileges can inject HTML code (XSS) through web-based management or the REST API with a manipulated certificate file.
    CWE
    • CWE-79 - Cross-site Scripting (XSS)
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD Affected: 1.4.0 , < FL MGUARD 1102 (No. 1153079)* (custom)
    Affected: 1.4.0 , < FL MGUARD 1105 (No. 1153078)* (custom)
    Create a notification for this product.
    Date Public
    2021-11-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:19:46.997Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2021-046/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "FL MGUARD",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "FL MGUARD 1102 (No. 1153079)*",
                  "status": "affected",
                  "version": "1.4.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "FL MGUARD 1105 (No. 1153078)*",
                  "status": "affected",
                  "version": "1.4.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-11-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 a user with high privileges can inject HTML code (XSS) through web-based management or the REST API with a manipulated certificate file."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Cross-site Scripting (XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-10T11:22:04.000Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/en/advisories/VDE-2021-046/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "PHOENIX CONTACT recomments to upgrade to firmware version 1.5.1 (or any later version)."
            }
          ],
          "source": {
            "advisory": "VDE-2021-046",
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: FL MGUARD XSS through web-based management and REST API",
          "workarounds": [
            {
              "lang": "en",
              "value": "If an untrusted user may have exploited the vulnerability, it is recommended to revoke access for that user, and to re-upload the certificates on the Basic settings \u003e LDAP and Logs \u003e Remote logging pages through the REST API (i.e., without viewing these pages in the web-based management)."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "info@cert.vde.com",
              "DATE_PUBLIC": "2021-11-10T11:00:00.000Z",
              "ID": "CVE-2021-34582",
              "STATE": "PUBLIC",
              "TITLE": "Phoenix Contact: FL MGUARD XSS through web-based management and REST API"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "FL MGUARD",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003e=",
                                "version_name": "FL MGUARD 1102 (No. 1153079)",
                                "version_value": "1.4.0"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "FL MGUARD 1102 (No. 1153079)",
                                "version_value": "1.5.0 +1"
                              },
                              {
                                "version_affected": "\u003e=",
                                "version_name": "FL MGUARD 1105 (No. 1153078)",
                                "version_value": "1.4.0"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "FL MGUARD 1105 (No. 1153078)",
                                "version_value": "1.5.0 +1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "PHOENIX CONTACT"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 a user with high privileges can inject HTML code (XSS) through web-based management or the REST API with a manipulated certificate file."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79 Cross-site Scripting (XSS)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert.vde.com/en/advisories/VDE-2021-046/",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/en/advisories/VDE-2021-046/"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "PHOENIX CONTACT recomments to upgrade to firmware version 1.5.1 (or any later version)."
              }
            ],
            "source": {
              "advisory": "VDE-2021-046",
              "discovery": "UNKNOWN"
            },
            "work_around": [
              {
                "lang": "en",
                "value": "If an untrusted user may have exploited the vulnerability, it is recommended to revoke access for that user, and to re-upload the certificates on the Basic settings \u003e LDAP and Logs \u003e Remote logging pages through the REST API (i.e., without viewing these pages in the web-based management)."
              }
            ]
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2021-34582",
        "datePublished": "2021-11-10T11:22:04.699Z",
        "dateReserved": "2021-06-10T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:11:38.654Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }