A low privileged remote attacker can get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks.
History

Fri, 27 Sep 2024 20:00:00 +0000

Type Values Removed Values Added
First Time appeared Phoenixcontact
Phoenixcontact fl Mguard 2102
Phoenixcontact fl Mguard 2102 Firmware
Phoenixcontact fl Mguard 2105
Phoenixcontact fl Mguard 2105 Firmware
Phoenixcontact fl Mguard 4102 Pci
Phoenixcontact fl Mguard 4102 Pci Firmware
Phoenixcontact fl Mguard 4102 Pcie
Phoenixcontact fl Mguard 4102 Pcie Firmware
Phoenixcontact fl Mguard 4302
Phoenixcontact fl Mguard 4302 Firmware
Phoenixcontact fl Mguard 4305
Phoenixcontact fl Mguard 4305 Firmware
Phoenixcontact fl Mguard Centerport Vpn-1000
Phoenixcontact fl Mguard Centerport Vpn-1000 Firmware
Phoenixcontact fl Mguard Core Tx
Phoenixcontact fl Mguard Core Tx Firmware
Phoenixcontact fl Mguard Core Tx Vpn
Phoenixcontact fl Mguard Core Tx Vpn Firmware
Phoenixcontact fl Mguard Delta Tx\/tx
Phoenixcontact fl Mguard Delta Tx\/tx Firmware
Phoenixcontact fl Mguard Delta Tx\/tx Vpn
Phoenixcontact fl Mguard Delta Tx\/tx Vpn Firmware
Phoenixcontact fl Mguard Gt\/gt
Phoenixcontact fl Mguard Gt\/gt Firmware
Phoenixcontact fl Mguard Gt\/gt Vpn
Phoenixcontact fl Mguard Gt\/gt Vpn Firmware
Phoenixcontact fl Mguard Pci4000
Phoenixcontact fl Mguard Pci4000 Firmware
Phoenixcontact fl Mguard Pci4000 Vpn
Phoenixcontact fl Mguard Pci4000 Vpn Firmware
Phoenixcontact fl Mguard Pcie4000
Phoenixcontact fl Mguard Pcie4000 Firmware
Phoenixcontact fl Mguard Pcie4000 Vpn
Phoenixcontact fl Mguard Pcie4000 Vpn Firmware
Phoenixcontact fl Mguard Rs2000 Tx\/tx-b
Phoenixcontact fl Mguard Rs2000 Tx\/tx-b Firmware
Phoenixcontact fl Mguard Rs2000 Tx\/tx Vpn
Phoenixcontact fl Mguard Rs2000 Tx\/tx Vpn Firmware
Phoenixcontact fl Mguard Rs2005 Tx Vpn
Phoenixcontact fl Mguard Rs2005 Tx Vpn Firmware
Phoenixcontact fl Mguard Rs4000 Tx\/tx
Phoenixcontact fl Mguard Rs4000 Tx\/tx-m
Phoenixcontact fl Mguard Rs4000 Tx\/tx-m Firmware
Phoenixcontact fl Mguard Rs4000 Tx\/tx-p
Phoenixcontact fl Mguard Rs4000 Tx\/tx-p Firmware
Phoenixcontact fl Mguard Rs4000 Tx\/tx Firmware
Phoenixcontact fl Mguard Rs4000 Tx\/tx Vpn
Phoenixcontact fl Mguard Rs4000 Tx\/tx Vpn Firmware
Phoenixcontact fl Mguard Rs4004 Tx\/dtx
Phoenixcontact fl Mguard Rs4004 Tx\/dtx Firmware
Phoenixcontact fl Mguard Rs4004 Tx\/dtx Vpn
Phoenixcontact fl Mguard Rs4004 Tx\/dtx Vpn Firmware
Phoenixcontact fl Mguard Smart2
Phoenixcontact fl Mguard Smart2 Firmware
Phoenixcontact fl Mguard Smart2 Vpn
Phoenixcontact fl Mguard Smart2 Vpn Firmware
Phoenixcontact tc Mguard Rs2000 3g Vpn
Phoenixcontact tc Mguard Rs2000 3g Vpn Firmware
Phoenixcontact tc Mguard Rs2000 4g Att Vpn
Phoenixcontact tc Mguard Rs2000 4g Att Vpn Firmware
Phoenixcontact tc Mguard Rs2000 4g Vpn
Phoenixcontact tc Mguard Rs2000 4g Vpn Firmware
Phoenixcontact tc Mguard Rs2000 4g Vzw Vpn
Phoenixcontact tc Mguard Rs2000 4g Vzw Vpn Firmware
Phoenixcontact tc Mguard Rs4000 3g Vpn
Phoenixcontact tc Mguard Rs4000 3g Vpn Firmware
Phoenixcontact tc Mguard Rs4000 4g Att Vpn
Phoenixcontact tc Mguard Rs4000 4g Att Vpn Firmware
Phoenixcontact tc Mguard Rs4000 4g Vpn
Phoenixcontact tc Mguard Rs4000 4g Vpn Firmware
Phoenixcontact tc Mguard Rs4000 4g Vzw Vpn
Phoenixcontact tc Mguard Rs4000 4g Vzw Vpn Firmware
CPEs cpe:2.3:h:phoenixcontact:fl_mguard_2102:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_2105:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_4102_pci:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_4102_pcie:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_4302:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_4305:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_centerport_vpn-1000:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_core_tx:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_core_tx_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\/tx:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\/tx_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_gt\/gt:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_gt\/gt_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_pci4000:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_pci4000_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\/tx-b:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs2005_tx_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\/tx-m:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\/tx-p:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\/tx:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\/dtx:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_smart2:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_smart2_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_3g_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_att_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_3g_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_att_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn:-:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
Vendors & Products Phoenixcontact
Phoenixcontact fl Mguard 2102
Phoenixcontact fl Mguard 2102 Firmware
Phoenixcontact fl Mguard 2105
Phoenixcontact fl Mguard 2105 Firmware
Phoenixcontact fl Mguard 4102 Pci
Phoenixcontact fl Mguard 4102 Pci Firmware
Phoenixcontact fl Mguard 4102 Pcie
Phoenixcontact fl Mguard 4102 Pcie Firmware
Phoenixcontact fl Mguard 4302
Phoenixcontact fl Mguard 4302 Firmware
Phoenixcontact fl Mguard 4305
Phoenixcontact fl Mguard 4305 Firmware
Phoenixcontact fl Mguard Centerport Vpn-1000
Phoenixcontact fl Mguard Centerport Vpn-1000 Firmware
Phoenixcontact fl Mguard Core Tx
Phoenixcontact fl Mguard Core Tx Firmware
Phoenixcontact fl Mguard Core Tx Vpn
Phoenixcontact fl Mguard Core Tx Vpn Firmware
Phoenixcontact fl Mguard Delta Tx\/tx
Phoenixcontact fl Mguard Delta Tx\/tx Firmware
Phoenixcontact fl Mguard Delta Tx\/tx Vpn
Phoenixcontact fl Mguard Delta Tx\/tx Vpn Firmware
Phoenixcontact fl Mguard Gt\/gt
Phoenixcontact fl Mguard Gt\/gt Firmware
Phoenixcontact fl Mguard Gt\/gt Vpn
Phoenixcontact fl Mguard Gt\/gt Vpn Firmware
Phoenixcontact fl Mguard Pci4000
Phoenixcontact fl Mguard Pci4000 Firmware
Phoenixcontact fl Mguard Pci4000 Vpn
Phoenixcontact fl Mguard Pci4000 Vpn Firmware
Phoenixcontact fl Mguard Pcie4000
Phoenixcontact fl Mguard Pcie4000 Firmware
Phoenixcontact fl Mguard Pcie4000 Vpn
Phoenixcontact fl Mguard Pcie4000 Vpn Firmware
Phoenixcontact fl Mguard Rs2000 Tx\/tx-b
Phoenixcontact fl Mguard Rs2000 Tx\/tx-b Firmware
Phoenixcontact fl Mguard Rs2000 Tx\/tx Vpn
Phoenixcontact fl Mguard Rs2000 Tx\/tx Vpn Firmware
Phoenixcontact fl Mguard Rs2005 Tx Vpn
Phoenixcontact fl Mguard Rs2005 Tx Vpn Firmware
Phoenixcontact fl Mguard Rs4000 Tx\/tx
Phoenixcontact fl Mguard Rs4000 Tx\/tx-m
Phoenixcontact fl Mguard Rs4000 Tx\/tx-m Firmware
Phoenixcontact fl Mguard Rs4000 Tx\/tx-p
Phoenixcontact fl Mguard Rs4000 Tx\/tx-p Firmware
Phoenixcontact fl Mguard Rs4000 Tx\/tx Firmware
Phoenixcontact fl Mguard Rs4000 Tx\/tx Vpn
Phoenixcontact fl Mguard Rs4000 Tx\/tx Vpn Firmware
Phoenixcontact fl Mguard Rs4004 Tx\/dtx
Phoenixcontact fl Mguard Rs4004 Tx\/dtx Firmware
Phoenixcontact fl Mguard Rs4004 Tx\/dtx Vpn
Phoenixcontact fl Mguard Rs4004 Tx\/dtx Vpn Firmware
Phoenixcontact fl Mguard Smart2
Phoenixcontact fl Mguard Smart2 Firmware
Phoenixcontact fl Mguard Smart2 Vpn
Phoenixcontact fl Mguard Smart2 Vpn Firmware
Phoenixcontact tc Mguard Rs2000 3g Vpn
Phoenixcontact tc Mguard Rs2000 3g Vpn Firmware
Phoenixcontact tc Mguard Rs2000 4g Att Vpn
Phoenixcontact tc Mguard Rs2000 4g Att Vpn Firmware
Phoenixcontact tc Mguard Rs2000 4g Vpn
Phoenixcontact tc Mguard Rs2000 4g Vpn Firmware
Phoenixcontact tc Mguard Rs2000 4g Vzw Vpn
Phoenixcontact tc Mguard Rs2000 4g Vzw Vpn Firmware
Phoenixcontact tc Mguard Rs4000 3g Vpn
Phoenixcontact tc Mguard Rs4000 3g Vpn Firmware
Phoenixcontact tc Mguard Rs4000 4g Att Vpn
Phoenixcontact tc Mguard Rs4000 4g Att Vpn Firmware
Phoenixcontact tc Mguard Rs4000 4g Vpn
Phoenixcontact tc Mguard Rs4000 4g Vpn Firmware
Phoenixcontact tc Mguard Rs4000 4g Vzw Vpn
Phoenixcontact tc Mguard Rs4000 4g Vzw Vpn Firmware

Tue, 10 Sep 2024 16:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 10 Sep 2024 08:45:00 +0000

Type Values Removed Values Added
Description A low privileged remote attacker can get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks.
Title Phoenix Contact: Access to CSRF tokens of higher privileged users in MGUARD products
Weaknesses CWE-212
References
Metrics cvssV3_1

{'score': 5.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published: 2024-09-10T08:42:42.629Z

Updated: 2024-09-10T15:51:48.345Z

Reserved: 2024-08-12T08:30:23.906Z

Link: CVE-2024-7698

cve-icon Vulnrichment

Updated: 2024-09-10T15:51:42.886Z

cve-icon NVD

Status : Analyzed

Published: 2024-09-10T09:15:06.847

Modified: 2024-09-27T19:39:43.350

Link: CVE-2024-7698

cve-icon Redhat

No data.