CVSS: 6.5EPSS: 0%CPEs: 36EXPL: 0CVE-2024-43391 – Phoenix Contact: Firewall reconfiguration through the FW_PORTFORWARDING.SRC_IP in MGUARD devices
https://notcve.org/view.php?id=CVE-2024-43391
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_PORTFORWARDING.SRC_IP environment variable which can lead to a DoS. • https://cert.vde.com/en/advisories/VDE-2024-039 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 6.5EPSS: 0%CPEs: 36EXPL: 0CVE-2024-43390 – Phoenix Contact: Firewall reconfiguration due to improper input validation in MGUARD devices
https://notcve.org/view.php?id=CVE-2024-43390
A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS. • https://cert.vde.com/en/advisories/VDE-2024-039 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 6.5EPSS: 0%CPEs: 36EXPL: 0CVE-2024-43389 – Phoenix Contact: OSPF reconfiguration due to improper input validation in MGUARD devices
https://notcve.org/view.php?id=CVE-2024-43389
A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS. • https://cert.vde.com/en/advisories/VDE-2024-039 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 5.4EPSS: 0%CPEs: 15EXPL: 0CVE-2024-45285 – Multiple vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform
https://notcve.org/view.php?id=CVE-2024-45285
The RFC enabled function module allows a low privileged user to perform denial of service on any user and also change or delete favourite nodes. • https://me.sap.com/notes/3488039 https://url.sap/sapsecuritypatchday • CWE-862: Missing Authorization •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-43466 – Microsoft SharePoint Server Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-43466
Microsoft SharePoint Server Denial of Service Vulnerability This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft SharePoint. ... An attacker can leverage this vulnerability to create a denial-of-service condition on the system. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43466 • CWE-502: Deserialization of Untrusted Data •