CVE-2023-2673
5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow UDP packets to bypass the filter rules and access the solely connected device behind the MGUARD which can be used for flooding attacks.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| PHOENIX CONTACT | FL MGUARD 2102 | 0 <= 10.1.1 | affected |
| PHOENIX CONTACT | FL MGUARD 4102 PCI | 0 <= 10.1.1 | affected |
| PHOENIX CONTACT | FL MGUARD 4102 PCIE | 0 <= 10.1.1 | affected |
| PHOENIX CONTACT | FL MGUARD 4302 | 0 <= 10.1.1 | affected |
| PHOENIX CONTACT | FL MGUARD CENTERPORT | 0 <= 8.9.0 | affected |
| PHOENIX CONTACT | FL MGUARD CENTERPORT VPN-1000 | 0 <= 8.9.0 | affected |
| PHOENIX CONTACT | FL MGUARD CORE TX | 0 <= 8.9.0 | affected |
| PHOENIX CONTACT | FL MGUARD CORE TX VPN | 0 <= 8.9.0 | affected |
| PHOENIX CONTACT | FL MGUARD DELTA TX/TX | 0 <= 8.9.0 | affected |
| PHOENIX CONTACT | FL MGUARD DELTA TX/TX VPN | 0 <= 8.9.0 | affected |
| PHOENIX CONTACT | FL MGUARD GT/GT | 0 <= 8.9.0 | affected |
| PHOENIX CONTACT | FL MGUARD GT/GT VPN | 0 <= 8.9.0 | affected |
| PHOENIX CONTACT | FL MGUARD PCI4000 | 0 <= 8.9.0 | affected |
| PHOENIX CONTACT | FL MGUARD PCI4000 VPN | 0 <= 8.9.0 | affected |
| PHOENIX CONTACT | FL MGUARD PCIE4000 | 0 <= 8.9.0 | affected |
| PHOENIX CONTACT | FL MGUARD PCIE4000 VPN | 0 <= 8.9.0 | affected |
| PHOENIX CONTACT | FL MGUARD RS2000 TX/TX-B | 0 <= 8.9.0 | affected |
| PHOENIX CONTACT | FL MGUARD RS2000 TX/TX VPN | 0 <= 8.9.0 | affected |
| PHOENIX CONTACT | FL MGUARD RS2005 TX VPN | 0 <= 8.9.0 | affected |
| PHOENIX CONTACT | FL MGUARD RS4000 TX/TX-M | 0 <= 8.9.0 | affected |
| PHOENIX CONTACT | FL MGUARD RS4000 TX/TX-P | 0 <= 8.9.0 | affected |
| PHOENIX CONTACT | FL MGUARD RS4000 TX/TX VPN | 0 <= 8.9.0 | affected |
| PHOENIX CONTACT | FL MGUARD RS4000 TX/TX VPN | 0 <= 8.9.0 | affected |
| PHOENIX CONTACT | FL MGUARD RS4004 TX/DTX | 0 <= 8.9.0 | affected |
| PHOENIX CONTACT | FL MGUARD RS4004 TX/DTX VPN | 0 <= 8.9.0 | affected |
| PHOENIX CONTACT | FL MGUARD SMART2 | 0 <= 8.9.0 | affected |
| PHOENIX CONTACT | FL MGUARD SMART2 VPN | 0 <= 8.9.0 | affected |
Weaknesses
- CWE-1287: CWE-1287 Improper Validation of Specified Type of Input
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.