PT-2021-20573 · Phoenix Contact · Fl Mguard
A Key
·
Published
2021-11-10
·
Updated
2022-07-28
·
CVE-2021-34598
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions:
Phoenix Contact FL MGUARD 1102 and 1105 versions 1.4.0 through 1.5.0
Description:
The remote logging functionality is impaired due to the lack of memory release for data structures from syslog-ng when remote logging is active.
Recommendations:
For versions 1.4.0, 1.4.1, and 1.5.0, consider disabling the remote logging functionality until a patch is available to prevent memory issues.
Restrict access to the syslog-ng data structures to minimize the risk of exploitation.
Avoid using the remote logging feature in the affected versions until the issue is resolved.
Fix
Memory Leak
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Fl Mguard