Page 3 of 12 results (0.012 seconds)
CVSS: 5.7EPSS: 0%CPEs: 36EXPL: 0
CVE-2024-7698 – Phoenix Contact: Access to CSRF tokens of higher privileged users in MGUARD products
https://notcve.org/view.php?id=CVE-2024-7698
A low privileged remote attacker can get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks. • https://cert.vde.com/en/advisories/VDE-2024-039 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVSS: 5.3EPSS: 0%CPEs: 36EXPL: 0
CVE-2024-7734 – Phoenix Contact: Multiple mGuard devices are vulnerable to a drain of open file descriptors.
https://notcve.org/view.php?id=CVE-2024-7734
An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. The impact is limited to blocking of valid IPsec VPN peers. • https://cert.vde.com/en/advisories/VDE-2024-052 • CWE-770: Allocation of Resources Without Limits or Throttling •