7.3
CVE-2024-39581 -
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to External Parties vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to read, modify, and delete arbitrary files.
8.1
CVE-2024-39583 -
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.
8.1
CVE-2024-43393 - Phoenix Contact: Configuration changes of the firewall services can lead to DoS in MGUARD devices
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP FW_RULESETS.FROM_IP FW_RULESETS.IN_IP envirโฆ
8.1
CVE-2024-43392 - Phoenix Contact: Firewall reconfiguration through the FW_environment variables in MGUARD devices
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through theย FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP environment variable which can lead to a Doโฆ
8.1
CVE-2024-43391 - Phoenix Contact: Firewall reconfiguration through the FW_PORTFORWARDING.SRC_IP in MGUARD devices
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NATย through the FW_PORTFORWARDING.SRC_IP environment variable which can lead to a DoS.
8.1
CVE-2024-43390 - Phoenix Contact: Firewall reconfiguration due to improper input validation in MGUARD devices
A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS.
8.1
CVE-2024-43389 - Phoenix Contact: OSPF reconfiguration due to improper input validation in MGUARD devices
A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS.
8.8
CVE-2024-43388 - Phoenix Contact: SNMP reconfiguration due to improper input validation in MGUARD devices
A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation.
8.8
CVE-2024-43387 - Phoenix Contact: Access files due to improper neutralization of special elements in MGUARD devices
A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAIL_RELAY_PASSWORD in mGuard devices.
8.8
CVE-2024-43386 - Phoenix Contact: OS command execution through EMAIL_NOTIFICATION.TO inย mGuard devices.
A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAIL_NOTIFICATION.TO inย mGuard devices.