VDE-2022-051
Vulnerability from csaf_phoenixcontactgmbhcokg - Published: 2022-11-15 09:27 - Updated: 2025-05-22 13:03Summary
PHOENIX CONTACT: Denial-of-Service vulnerability in mGuard product family
Notes
Summary: A denial of service of the HTTPS management interface of PHOENIX CONTACT FL MGUARD and TC MGUARD devices can be triggered by a larger number of unauthenticated HTTPS connections originating from different source IP's. Configuring firewall limits for incoming connections cannot prevent the issue.
Mitigation: Don't allow access to the HTTPS management interface from untrusted networks.In the default configuration, the access is only allowed from internal interfaces.
Remediation: The vulnerability is fixed in firmware version 8.9.0. We strongly recommend all affected users to upgrade to this or a later version.
A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP's. Configuring firewall limits for incoming connections cannot prevent the issue.
7.5 (High)
Mitigation
Don't allow access to the HTTPS management interface from untrusted networks.In the default configuration, the access is only allowed from internal interfaces.
Vendor Fix
The vulnerability is fixed in firmware version 8.9.0. We strongly recommend all affected users to upgrade to this or a later version.
References
Acknowledgments
CERT@VDE
Alpha Strike Labs GmbH
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination"
},
{
"organization": "Alpha Strike Labs GmbH",
"summary": "discovered"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "A denial of service of the HTTPS management interface of PHOENIX CONTACT FL MGUARD and TC MGUARD devices can be triggered by a larger number of unauthenticated HTTPS connections originating\u00a0from different source IP\u0027s. Configuring firewall limits for incoming connections cannot prevent the issue.",
"title": "Summary"
},
{
"category": "description",
"text": "Don\u0027t allow access to the HTTPS management interface from untrusted networks.In the default configuration, the access is only allowed from internal interfaces.",
"title": "Mitigation"
},
{
"category": "description",
"text": "The vulnerability is fixed in firmware version 8.9.0. We strongly recommend all affected users to upgrade to this or a later version.",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@phoenixcontact.com",
"name": "Phoenix Contact GmbH \u0026 Co. KG",
"namespace": "https://phoenixcontact.com/psirt"
},
"references": [
{
"category": "external",
"summary": "PHOENIX CONTACT PSIRT ",
"url": "https://phoenixcontact.com/psirt"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for PHOENIX CONTACT",
"url": "https://certvde.com/en/advisories/vendor/phoenixcontact/"
},
{
"category": "self",
"summary": "VDE-2022-051: PHOENIX CONTACT: Denial-of-Service vulnerability in mGuard product family - HTML",
"url": "https://certvde.com/en/advisories/VDE-2022-051/"
},
{
"category": "self",
"summary": "VDE-2022-051: PHOENIX CONTACT: Denial-of-Service vulnerability in mGuard product family - CSAF",
"url": "https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2022/vde-2022-051.json"
}
],
"title": "PHOENIX CONTACT: Denial-of-Service vulnerability in mGuard product family",
"tracking": {
"aliases": [
"VDE-2022-051"
],
"current_release_date": "2025-05-22T13:03:10.000Z",
"generator": {
"date": "2025-04-04T10:40:30.990Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.22"
}
},
"id": "VDE-2022-051",
"initial_release_date": "2022-11-15T09:27:00.000Z",
"revision_history": [
{
"date": "2022-11-15T09:27:00.000Z",
"number": "1",
"summary": "Initial revision."
},
{
"date": "2025-05-22T13:03:10.000Z",
"number": "2",
"summary": "Fix: added distribution, quotation mark"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "FL MGUARD CENTERPORT",
"product": {
"name": "FL MGUARD CENTERPORT",
"product_id": "CSAFPID-11001",
"product_identification_helper": {
"model_numbers": [
"2702547"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD CENTERPORT VPN-1000",
"product": {
"name": "FL MGUARD CENTERPORT VPN-1000",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"model_numbers": [
"2702820"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD CORE TX",
"product": {
"name": "FL MGUARD CORE TX",
"product_id": "CSAFPID-11003",
"product_identification_helper": {
"model_numbers": [
"2702884"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD CORE TX VPN",
"product": {
"name": "FL MGUARD CORE TX VPN",
"product_id": "CSAFPID-11004",
"product_identification_helper": {
"model_numbers": [
"2702831"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD DELTA TX/TX",
"product": {
"name": "FL MGUARD DELTA TX/TX",
"product_id": "CSAFPID-11005",
"product_identification_helper": {
"model_numbers": [
"2700967"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD DELTA TX/TX VPN",
"product": {
"name": "FL MGUARD DELTA TX/TX VPN",
"product_id": "CSAFPID-11006",
"product_identification_helper": {
"model_numbers": [
"2700968"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD GT/GT",
"product": {
"name": "FL MGUARD GT/GT",
"product_id": "CSAFPID-11007",
"product_identification_helper": {
"model_numbers": [
"2700197"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD GT/GT VPN",
"product": {
"name": "FL MGUARD GT/GT VPN",
"product_id": "CSAFPID-11008",
"product_identification_helper": {
"model_numbers": [
"2700198"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD PCI4000",
"product": {
"name": "FL MGUARD PCI4000",
"product_id": "CSAFPID-11009",
"product_identification_helper": {
"model_numbers": [
"2701274"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD PCI4000 VPN",
"product": {
"name": "FL MGUARD PCI4000 VPN",
"product_id": "CSAFPID-11010",
"product_identification_helper": {
"model_numbers": [
"2701275"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD PCIE4000",
"product": {
"name": "FL MGUARD PCIE4000",
"product_id": "CSAFPID-11011",
"product_identification_helper": {
"model_numbers": [
"2701277"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD PCIE4000 VPN",
"product": {
"name": "FL MGUARD PCIE4000 VPN",
"product_id": "CSAFPID-11012",
"product_identification_helper": {
"model_numbers": [
"2701278"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS2000 TX/TX-B",
"product": {
"name": "FL MGUARD RS2000 TX/TX-B",
"product_id": "CSAFPID-11013",
"product_identification_helper": {
"model_numbers": [
"2702139"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS2000 TX/TX VPN",
"product": {
"name": "FL MGUARD RS2000 TX/TX VPN",
"product_id": "CSAFPID-11014",
"product_identification_helper": {
"model_numbers": [
"2700642"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS2005 TX VPN",
"product": {
"name": "FL MGUARD RS2005 TX VPN",
"product_id": "CSAFPID-11015",
"product_identification_helper": {
"model_numbers": [
"2701875"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS4000 TX/TX",
"product": {
"name": "FL MGUARD RS4000 TX/TX",
"product_id": "CSAFPID-11016",
"product_identification_helper": {
"model_numbers": [
"2700634"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS4000 TX/TX-M",
"product": {
"name": "FL MGUARD RS4000 TX/TX-M",
"product_id": "CSAFPID-11017",
"product_identification_helper": {
"model_numbers": [
"2702470"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS4000 TX/TX-P",
"product": {
"name": "FL MGUARD RS4000 TX/TX-P",
"product_id": "CSAFPID-11018",
"product_identification_helper": {
"model_numbers": [
"2702259"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS4000 TX/TX VPN",
"product": {
"name": "FL MGUARD RS4000 TX/TX VPN",
"product_id": "CSAFPID-11019",
"product_identification_helper": {
"model_numbers": [
"2200515"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS4004 TX/DTX",
"product": {
"name": "FL MGUARD RS4004 TX/DTX",
"product_id": "CSAFPID-11020",
"product_identification_helper": {
"model_numbers": [
"2701876"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS4004 TX/DTX VPN",
"product": {
"name": "FL MGUARD RS4004 TX/DTX VPN",
"product_id": "CSAFPID-11021",
"product_identification_helper": {
"model_numbers": [
"2701877"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD SMART2",
"product": {
"name": "FL MGUARD SMART2",
"product_id": "CSAFPID-11022",
"product_identification_helper": {
"model_numbers": [
"2700640"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD SMART2 VPN",
"product": {
"name": "FL MGUARD SMART2 VPN",
"product_id": "CSAFPID-11023",
"product_identification_helper": {
"model_numbers": [
"2700639"
]
}
}
},
{
"category": "product_name",
"name": "TC MGUARD RS2000 3G VPN",
"product": {
"name": "TC MGUARD RS2000 3G VPN",
"product_id": "CSAFPID-11024",
"product_identification_helper": {
"model_numbers": [
"2903441"
]
}
}
},
{
"category": "product_name",
"name": "TC MGUARD RS2000 4G ATT VPN",
"product": {
"name": "TC MGUARD RS2000 4G ATT VPN",
"product_id": "CSAFPID-11025",
"product_identification_helper": {
"model_numbers": [
"1010464"
]
}
}
},
{
"category": "product_name",
"name": "TC MGUARD RS2000 4G VPN",
"product": {
"name": "TC MGUARD RS2000 4G VPN",
"product_id": "CSAFPID-11026",
"product_identification_helper": {
"model_numbers": [
"2903588"
]
}
}
},
{
"category": "product_name",
"name": "TC MGUARD RS2000 4G VZW VPN",
"product": {
"name": "TC MGUARD RS2000 4G VZW VPN",
"product_id": "CSAFPID-11027",
"product_identification_helper": {
"model_numbers": [
"1010462"
]
}
}
},
{
"category": "product_name",
"name": "TC MGUARD RS4000 3G VPN",
"product": {
"name": "TC MGUARD RS4000 3G VPN",
"product_id": "CSAFPID-11028",
"product_identification_helper": {
"model_numbers": [
"2903440"
]
}
}
},
{
"category": "product_name",
"name": "TC MGUARD RS4000 4G ATT VPN",
"product": {
"name": "TC MGUARD RS4000 4G ATT VPN",
"product_id": "CSAFPID-11029",
"product_identification_helper": {
"model_numbers": [
"1010463"
]
}
}
},
{
"category": "product_name",
"name": "TC MGUARD RS4000 4G VPN",
"product": {
"name": "TC MGUARD RS4000 4G VPN",
"product_id": "CSAFPID-11030",
"product_identification_helper": {
"model_numbers": [
"2903586"
]
}
}
},
{
"category": "product_name",
"name": "TC MGUARD RS4000 4G VZW VPN",
"product": {
"name": "TC MGUARD RS4000 4G VZW VPN",
"product_id": "CSAFPID-11031",
"product_identification_helper": {
"model_numbers": [
"1010461"
]
}
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.9.0",
"product": {
"name": "Firmware \u003c8.9.0",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version",
"name": "8.9.0",
"product": {
"name": "Firmware 8.9.0",
"product_id": "CSAFPID-22001"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "PHOENIX CONTACT"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31014",
"CSAFPID-31015",
"CSAFPID-31016",
"CSAFPID-31017",
"CSAFPID-31018",
"CSAFPID-31019",
"CSAFPID-31020",
"CSAFPID-31021",
"CSAFPID-31022",
"CSAFPID-31023",
"CSAFPID-31024",
"CSAFPID-31025",
"CSAFPID-31026",
"CSAFPID-31027",
"CSAFPID-31028",
"CSAFPID-31029",
"CSAFPID-31030",
"CSAFPID-31031"
],
"summary": "Affected Products"
},
{
"group_id": "CSAFGID-0002",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009",
"CSAFPID-32010",
"CSAFPID-32011",
"CSAFPID-32012",
"CSAFPID-32013",
"CSAFPID-32014",
"CSAFPID-32015",
"CSAFPID-32016",
"CSAFPID-32017",
"CSAFPID-32018",
"CSAFPID-32019",
"CSAFPID-32020",
"CSAFPID-32021",
"CSAFPID-32022",
"CSAFPID-32023",
"CSAFPID-32024",
"CSAFPID-32025",
"CSAFPID-32026",
"CSAFPID-32027",
"CSAFPID-32028",
"CSAFPID-32029",
"CSAFPID-32030",
"CSAFPID-32031"
],
"summary": "Fixed Products"
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on FL MGUARD CENTERPORT",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on FL MGUARD CENTERPORT VPN-1000",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on FL MGUARD CORE TX",
"product_id": "CSAFPID-31003"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on FL MGUARD CORE TX VPN",
"product_id": "CSAFPID-31004"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on FL MGUARD DELTA TX/TX",
"product_id": "CSAFPID-31005"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on FL MGUARD DELTA TX/TX VPN",
"product_id": "CSAFPID-31006"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on FL MGUARD GT/GT",
"product_id": "CSAFPID-31007"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on FL MGUARD GT/GT VPN",
"product_id": "CSAFPID-31008"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on FL MGUARD PCI4000",
"product_id": "CSAFPID-31009"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on FL MGUARD PCI4000 VPN",
"product_id": "CSAFPID-31010"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on FL MGUARD PCIE4000",
"product_id": "CSAFPID-31011"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on FL MGUARD PCIE4000 VPN",
"product_id": "CSAFPID-31012"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11012"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on FL MGUARD RS2000 TX/TX-B",
"product_id": "CSAFPID-31013"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11013"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on FL MGUARD RS2000 TX/TX VPN",
"product_id": "CSAFPID-31014"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11014"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on FL MGUARD RS2005 TX VPN",
"product_id": "CSAFPID-31015"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11015"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on FL MGUARD RS4000 TX/TX",
"product_id": "CSAFPID-31016"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11016"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on FL MGUARD RS4000 TX/TX-M",
"product_id": "CSAFPID-31017"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11017"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on FL MGUARD RS4000 TX/TX-P",
"product_id": "CSAFPID-31018"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11018"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on FL MGUARD RS4000 TX/TX VPN",
"product_id": "CSAFPID-31019"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11019"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on FL MGUARD RS4004 TX/DTX",
"product_id": "CSAFPID-31020"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11020"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on FL MGUARD RS4004 TX/DTX VPN",
"product_id": "CSAFPID-31021"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11021"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on FL MGUARD SMART2",
"product_id": "CSAFPID-31022"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11022"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on FL MGUARD SMART2 VPN",
"product_id": "CSAFPID-31023"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11023"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on TC MGUARD RS2000 3G VPN",
"product_id": "CSAFPID-31024"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11024"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on TC MGUARD RS2000 4G ATT VPN",
"product_id": "CSAFPID-31025"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11025"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on TC MGUARD RS2000 4G VPN",
"product_id": "CSAFPID-31026"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11026"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on TC MGUARD RS2000 4G VZW VPN",
"product_id": "CSAFPID-31027"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11027"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on TC MGUARD RS4000 3G VPN",
"product_id": "CSAFPID-31028"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11028"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on TC MGUARD RS4000 4G ATT VPN",
"product_id": "CSAFPID-31029"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11029"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on TC MGUARD RS4000 4G VPN",
"product_id": "CSAFPID-31030"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11030"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.0 installed on TC MGUARD RS4000 4G VZW VPN",
"product_id": "CSAFPID-31031"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11031"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on FL MGUARD CENTERPORT",
"product_id": "CSAFPID-32001"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on FL MGUARD CENTERPORT VPN-1000",
"product_id": "CSAFPID-32002"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on FL MGUARD CORE TX",
"product_id": "CSAFPID-32003"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on FL MGUARD CORE TX VPN",
"product_id": "CSAFPID-32004"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on FL MGUARD DELTA TX/TX",
"product_id": "CSAFPID-32005"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on FL MGUARD DELTA TX/TX VPN",
"product_id": "CSAFPID-32006"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on FL MGUARD GT/GT",
"product_id": "CSAFPID-32007"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on FL MGUARD GT/GT VPN",
"product_id": "CSAFPID-32008"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on FL MGUARD PCI4000",
"product_id": "CSAFPID-32009"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on FL MGUARD PCI4000 VPN",
"product_id": "CSAFPID-32010"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on FL MGUARD PCIE4000",
"product_id": "CSAFPID-32011"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on FL MGUARD PCIE4000 VPN",
"product_id": "CSAFPID-32012"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11012"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on FL MGUARD RS2000 TX/TX-B",
"product_id": "CSAFPID-32013"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11013"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on FL MGUARD RS2000 TX/TX VPN",
"product_id": "CSAFPID-32014"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11014"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on FL MGUARD RS2005 TX VPN",
"product_id": "CSAFPID-32015"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11015"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on FL MGUARD RS4000 TX/TX",
"product_id": "CSAFPID-32016"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11016"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on FL MGUARD RS4000 TX/TX-M",
"product_id": "CSAFPID-32017"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11017"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on FL MGUARD RS4000 TX/TX-P",
"product_id": "CSAFPID-32018"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11018"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on FL MGUARD RS4000 TX/TX VPN",
"product_id": "CSAFPID-32019"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11019"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on FL MGUARD RS4004 TX/DTX",
"product_id": "CSAFPID-32020"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11020"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on FL MGUARD RS4004 TX/DTX VPN",
"product_id": "CSAFPID-32021"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11021"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on FL MGUARD SMART2",
"product_id": "CSAFPID-32022"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11022"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on FL MGUARD SMART2 VPN",
"product_id": "CSAFPID-32023"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11023"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on TC MGUARD RS2000 3G VPN",
"product_id": "CSAFPID-32024"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11024"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on TC MGUARD RS2000 4G ATT VPN",
"product_id": "CSAFPID-32025"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11025"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on TC MGUARD RS2000 4G VPN",
"product_id": "CSAFPID-32026"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11026"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on TC MGUARD RS2000 4G VZW VPN",
"product_id": "CSAFPID-32027"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11027"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on TC MGUARD RS4000 3G VPN",
"product_id": "CSAFPID-32028"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11028"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on TC MGUARD RS4000 4G ATT VPN",
"product_id": "CSAFPID-32029"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11029"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on TC MGUARD RS4000 4G VPN",
"product_id": "CSAFPID-32030"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11030"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.0 installed on TC MGUARD RS4000 4G VZW VPN",
"product_id": "CSAFPID-32031"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11031"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3480",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "description",
"text": "A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP\u0027s. Configuring firewall limits for incoming connections cannot prevent the issue.\n",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009",
"CSAFPID-32010",
"CSAFPID-32011",
"CSAFPID-32012",
"CSAFPID-32013",
"CSAFPID-32014",
"CSAFPID-32015",
"CSAFPID-32016",
"CSAFPID-32017",
"CSAFPID-32018",
"CSAFPID-32019",
"CSAFPID-32020",
"CSAFPID-32021",
"CSAFPID-32022",
"CSAFPID-32023",
"CSAFPID-32024",
"CSAFPID-32025",
"CSAFPID-32026",
"CSAFPID-32027",
"CSAFPID-32028",
"CSAFPID-32029",
"CSAFPID-32030",
"CSAFPID-32031"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31014",
"CSAFPID-31015",
"CSAFPID-31016",
"CSAFPID-31017",
"CSAFPID-31018",
"CSAFPID-31019",
"CSAFPID-31020",
"CSAFPID-31021",
"CSAFPID-31022",
"CSAFPID-31023",
"CSAFPID-31024",
"CSAFPID-31025",
"CSAFPID-31026",
"CSAFPID-31027",
"CSAFPID-31028",
"CSAFPID-31029",
"CSAFPID-31030",
"CSAFPID-31031"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Don\u0027t allow access to the HTTPS management interface from untrusted networks.In the default configuration, the access is only allowed from internal interfaces.",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "The vulnerability is fixed in firmware version 8.9.0. We strongly recommend all affected users to upgrade to this or a later version.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31014",
"CSAFPID-31015",
"CSAFPID-31016",
"CSAFPID-31017",
"CSAFPID-31018",
"CSAFPID-31019",
"CSAFPID-31020",
"CSAFPID-31021",
"CSAFPID-31022",
"CSAFPID-31023",
"CSAFPID-31024",
"CSAFPID-31025",
"CSAFPID-31026",
"CSAFPID-31027",
"CSAFPID-31028",
"CSAFPID-31029",
"CSAFPID-31030",
"CSAFPID-31031"
]
}
],
"title": "CVE-2022-3480"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…