8
CVE-2024-43384
- EPSS 0.03%
- Veröffentlicht 07.05.2026 09:16:24
- Zuletzt bearbeitet 11.05.2026 15:20:42
- Quelle info@cert.vde.com
- CVE-Watchlists
- Unerledigt
Phoenix Contact: Improper removal of sensitive information in MGUARD products
A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Phoenixcontact ≫ Fl Mguard 2102 Firmware Version < 10.4.1
Phoenixcontact ≫ Fl Mguard 2105 Firmware Version < 10.4.1
Phoenixcontact ≫ Fl Mguard 4102 Pci Firmware Version < 10.4.1
Phoenixcontact ≫ Fl Mguard 4102 Pcie Firmware Version < 10.4.1
Phoenixcontact ≫ Fl Mguard 4302 Firmware Version < 10.4.1
Phoenixcontact ≫ Fl Mguard 4305 Firmware Version < 10.4.1
Phoenixcontact ≫ Fl Mguard Centerport Firmware Version < 8.9.3
Phoenixcontact ≫ Fl Mguard Centerport Vpn-1000 Firmware Version < 8.9.3
Phoenixcontact ≫ Fl Mguard Core Tx Firmware Version < 8.9.3
Phoenixcontact ≫ Fl Mguard Core Tx Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Fl Mguard Pci4000 Firmware Version < 8.9.3
Phoenixcontact ≫ Fl Mguard Pci4000 Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Fl Mguard Pcie4000 Firmware Version < 8.9.3
Phoenixcontact ≫ Fl Mguard Pcie4000 Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Fl Mguard Rs2005 Tx Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Fl Mguard Smart2 Firmware Version < 8.9.3
Phoenixcontact ≫ Fl Mguard Smart2 Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Tc Mguard Rs2000 3g Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Tc Mguard Rs2000 4g Att Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Tc Mguard Rs2000 4g Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Tc Mguard Rs2000 4g Vzw Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Tc Mguard Rs4000 3g Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Tc Mguard Rs4000 4g Att Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Tc Mguard Rs4000 4g Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Tc Mguard Rs4000 4g Vzw Vpn Firmware Version < 8.9.3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.087 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| info@cert.vde.com | 8 | 2.1 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
|
CWE-212 Improper Removal of Sensitive Information Before Storage or Transfer
The product stores, transfers, or shares a resource that contains sensitive information, but it does not properly remove that information before the product makes the resource available to unauthorized actors.