CVE-2024-43384

Summary

A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer.

Affected Software

VendorProductVersion RangeStatus
PHOENIX CONTACTFL MGUARD 21020 < 10.4.1affected
PHOENIX CONTACTFL MGUARD 21050 < 10.4.1affected
PHOENIX CONTACTFL MGUARD 4102 PCI0 < 10.4.1affected
PHOENIX CONTACTFL MGUARD 4102 PCIE0 < 10.4.1affected
PHOENIX CONTACTFL MGUARD 43020 < 10.4.1affected
PHOENIX CONTACTFL MGUARD 43050 < 10.4.1affected
PHOENIX CONTACTFL MGUARD CENTERPORT VPN-10000 < 8.9.3affected
PHOENIX CONTACTFL MGUARD CORE TX0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD CORE TX VPN0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD DELTA TX/TX0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD DELTA TX/TX VPN0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD GT/GT0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD GT/GT VPN0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD PCI40000 < 8.9.3affected
PHOENIX CONTACTFL MGUARD PCI4000 VPN0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD PCIE40000 < 8.9.3affected
PHOENIX CONTACTFL MGUARD PCIE4000 VPN0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD RS2000 TX/TX-B0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD RS2000 TX/TX VPN0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD RS2005 TX VPN0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD RS4000 TX/TX0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD RS4000 TX/TX-M0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD RS4000 TX/TX-P0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD RS4000 TX/TX VPN0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD RS4004 TX/DTX0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD RS4004 TX/DTX VPN0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD SMART20 < 8.9.3affected
PHOENIX CONTACTFL MGUARD SMART2 VPN0 < 8.9.3affected
PHOENIX CONTACTTC MGUARD RS2000 3G VPN0 < 8.9.3affected
PHOENIX CONTACTTC MGUARD RS2000 4G ATT VPN0 < 8.9.3affected
PHOENIX CONTACTTC MGUARD RS2000 4G VPN0 < 8.9.3affected
PHOENIX CONTACTTC MGUARD RS2000 4G VZW VPN0 < 8.9.3affected
PHOENIX CONTACTTC MGUARD RS4000 3G VPN0 < 8.9.3affected
PHOENIX CONTACTTC MGUARD RS4000 4G ATT VPN0 < 8.9.3affected
PHOENIX CONTACTTC MGUARD RS4000 4G VPN0 < 8.9.3affected
PHOENIX CONTACTTC MGUARD RS4000 4G VZW VPN0 < 8.9.3affected

Weaknesses

  • CWE-212: CWE-212 Improper Removal of Sensitive Information Before Storage or Transfer

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References