CVE-2021-34598 Vulnerability Details

  /     /     /  

CVE-2021-34598 Metadata Quick Info

CVE Published: 10/11/2021 | CVE Updated: 16/09/2024 | CVE Year: 2021
Source: CERTVDE | Vendor: PHOENIX CONTACT | Product: FL MGUARD
Status : PUBLISHED

---

CVE-2021-34598 Description

In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active

Metrics

CVSS Version: 3.1 | Base Score: 7.5 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

l➤ Exploitability Metrics:
    Attack Vector (AV)* NETWORK
    Attack Complexity (AC)* LOW
    Privileges Required (PR)* NONE
    User Interaction (UI)* NONE
    Scope (S)* UNCHANGED

l➤ Impact Metrics:
    Confidentiality Impact (C)* NONE
    Integrity Impact (I)* NONE
    Availability Impact (A)* HIGH

Weakness Enumeration (CWE)

CWE-ID: CWE-401
CWE Name: CWE-401 Improper Release of Memory Before Removing Last Reference
Source: PHOENIX CONTACT

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).