PT-2015-6363 · Innominate · Mguard
Published
2015-08-30
·
Updated
2015-08-31
·
CVE-2015-3966
CVSS v2.0
4.0
Medium
| Vector | AV:N/AC:L/Au:S/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
Innominate mGuard devices with firmware versions prior to 8.1.7
Description
The issue affects the IPsec SA establishment process, allowing remote authenticated users to cause a denial of service by sending a crafted configuration with compression, leveraging a peer relationship. This can lead to a restart of the VPN service.
Recommendations
For versions prior to 8.1.7, update the firmware to version 8.1.7 or later to resolve the issue.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mguard