CVE CyberSecurity Database News

CVE-2022-3480 An attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending more unauthenticated HTTPS connections from different source IP's.

Poster -

A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP’s. Configuring firewall limits for incoming connections cannot prevent the issue. CVE-2018-9223 A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP’s. Configuring firewall limits for incoming connections cannot prevent the issue.
A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP’s. Configuring firewall limits for incoming connections cannot prevent the issue. CVE-2018-9229 A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP’s. Configuring firewall limits for incoming connections cannot prevent the issue.
A remote

Affected Devices

PHOENIX CONTACT FL MGUARD: Version 8.9.0 and below
TC MGUARD: Version 8.9.0 and below

PHOENIX CONTACT FL MGUARD and TC MGUARD Software Versions

PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 are vulnerable to denial-of-service if they receive a larger number of unauthenticated HTTPS connections originating from different source IP’s.
PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 are vulnerable to denial-of-service if they receive a larger number of unauthenticated HTTPS connections originating from different source IP’s.
PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 are vulnerable to denial-of-service if they receive a larger number of unauthenticated HTTPS connections originating from different source IP’s, which could cause the system to become unavailable for users or for business data services such as forwarding, answering, call handling, etc.

Timeline

Published on: 11/15/2022 11:15:00 UTC
Last modified on: 11/15/2022 13:51:00 UTC

References