5.7
CVE-2024-7698
- EPSS 0.1%
- Published 10.09.2024 09:15:06
- Last modified 22.08.2025 07:15:45
- Source info@cert.vde.com
- Teams watchlist Login
- Open Login
A low privileged remote attacker can get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks.
Data is provided by the National Vulnerability Database (NVD)
Phoenixcontact ≫ Tc Mguard Rs4000 4g Vzw Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Tc Mguard Rs4000 4g Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Tc Mguard Rs4000 4g Att Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Tc Mguard Rs4000 3g Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Tc Mguard Rs2000 4g Vzw Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Tc Mguard Rs2000 4g Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Tc Mguard Rs2000 4g Att Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Tc Mguard Rs2000 3g Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Fl Mguard Smart2 Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Fl Mguard Smart2 Firmware Version < 8.9.3
Phoenixcontact ≫ Fl Mguard Rs2005 Tx Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Fl Mguard Pcie4000 Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Fl Mguard Pcie4000 Firmware Version < 8.9.3
Phoenixcontact ≫ Fl Mguard Pci4000 Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Fl Mguard Pci4000 Firmware Version < 8.9.3
Phoenixcontact ≫ Fl Mguard Core Tx Vpn Firmware Version < 8.9.3
Phoenixcontact ≫ Fl Mguard Core Tx Firmware Version < 8.9.3
Phoenixcontact ≫ Fl Mguard Centerport Vpn-1000 Firmware Version < 8.9.3
Phoenixcontact ≫ Fl Mguard 4305 Firmware Version < 10.4.1
Phoenixcontact ≫ Fl Mguard 4302 Firmware Version < 10.4.1
Phoenixcontact ≫ Fl Mguard 4102 Pcie Firmware Version < 10.4.1
Phoenixcontact ≫ Fl Mguard 4102 Pci Firmware Version < 10.4.1
Phoenixcontact ≫ Fl Mguard 2105 Firmware Version < 10.4.1
Phoenixcontact ≫ Fl Mguard 2102 Firmware Version < 10.4.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.1% | 0.274 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| info@cert.vde.com | 5.7 | 2.1 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
|
CWE-201 Insertion of Sensitive Information Into Sent Data
The code transmits data to another actor, but a portion of the data includes sensitive information that should not be accessible to that actor.