CVE-2017-7937

EUVD-2017-16908
An Improper Authentication issue was discovered in Phoenix Contact GmbH mGuard firmware versions 8.3.0 to 8.4.2. An attacker may be able to gain unauthorized access to the user firewall when RADIUS servers are unreachable.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 35%
Affected Products (NVD)
VendorProductVersion
phoenix_contact_gmbhmguard_firmware
8.3.0
phoenix_contact_gmbhmguard_firmware
8.3.1
phoenix_contact_gmbhmguard_firmware
8.3.2
phoenix_contact_gmbhmguard_firmware
8.4.0
phoenix_contact_gmbhmguard_firmware
8.4.1
phoenix_contact_gmbhmguard_firmware
8.4.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://ics-cert.us-cert.gov/advisories/ICSA-17-131-01
https://ics-cert.us-cert.gov/advisories/ICSA-17-131-01