// For flags

CVE-2021-34579

PHOENIX CONTACT: FL MGUARD DM version 1.12.0 and 1.13.0 Improper Privilege Management

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

In Phoenix Contact: FL MGUARD DM version 1.12.0 and 1.13.0 access to the Apache web server being installed as part of the FL MGUARD DM on Microsoft Windows does not require login credentials even if configured during installation.Attackers with network access to the Apache web server can download and therefore read mGuard configuration profiles (“ATV profiles”). Such configuration profiles may contain sensitive information, e.g. private keys associated with IPsec VPN connections.

En Phoenix Contact: FL MGUARD DM versiones 1.12.0 y 1.13.0, el acceso al servidor web Apache que se está instalando como parte de FL MGUARD DM en Microsoft Windows no requiere credenciales de inicio de sesión incluso si se configura durante la instalación. Los atacantes con acceso de red al servidor web Apache puede descargar y, por tanto, leer perfiles de configuración de mGuard ("perfiles ATV"). Dichos perfiles de configuración pueden contener información confidencial, por ejemplo, claves privadas asociadas con conexiones VPN IPsec.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-06-10 CVE Reserved
  • 2022-11-09 CVE Published
  • 2024-08-04 CVE Updated
  • 2024-12-17 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-269: Improper Privilege Management
CAPEC
  • CAPEC-115: Authentication Bypass
References (1)
URL Tag Source
https://cert.vde.com/en/advisories/VDE-2021-035 Third Party Advisory
URL Date SRC
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Phoenixcontact
Search vendor "Phoenixcontact"
 Fl Mguard Dm
Search vendor "Phoenixcontact" for product "Fl Mguard Dm"
 1.12.0
Search vendor "Phoenixcontact" for product "Fl Mguard Dm" and version "1.12.0"
-
Affected
Phoenixcontact
Search vendor "Phoenixcontact"
 Fl Mguard Dm
Search vendor "Phoenixcontact" for product "Fl Mguard Dm"
 1.13.0
Search vendor "Phoenixcontact" for product "Fl Mguard Dm" and version "1.13.0"
-
Affected