High Number of TCP Connections Can Lead to Valid IPsec VPN Peers Blocking

CVE-2024-7734

5.3MEDIUM

Key Information

Vendor: Phoenix Contact
Status: Fl Mguard 2102; Fl Mguard 2105; Fl Mguard 4102 Pci; Fl Mguard 4102 Pcie
Vendor: CVE Published:; 10 September 2024

Summary

An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. The impact is limited to blocking of valid IPsec VPN peers.

Affected Version(s)

FL MGUARD 2102 < 10.4.1

FL MGUARD 2105 < 10.4.1

FL MGUARD 4102 PCI < 10.4.1

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Sep 10, 2024
Vulnerability Reserved.
Aug 13, 2024

Collectors

NVD DatabaseMitre Database