PT-2017-18008 · Phoenix Contact Gmbh · Mguard
Published
2017-05-19
·
Updated
2019-10-09
·
CVE-2017-7935
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Phoenix Contact GmbH mGuard versions 8.3.0 through 8.4.2
Description
A Resource Exhaustion issue allows an attacker to compromise the device's availability by performing multiple initial VPN requests.
Recommendations
For versions 8.3.0 through 8.4.2, consider restricting access to the VPN request functionality to minimize the risk of exploitation. As a temporary workaround, limit the number of initial VPN requests to prevent resource exhaustion until a patch is available.
Fix
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mguard