CVE-2022-3480

A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP’s. Configuring firewall limits for incoming connections cannot prevent the issue.
References
Link Resource
https://cert.vde.com/en/advisories/VDE-2022-051/ Mitigation Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:phoenixcontact:fl_mguard_centerport_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_centerport:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_centerport_vpn-1000:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_core_tx:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_core_tx_vpn:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\/tx:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\/tx_vpn:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_gt\/gt:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_gt\/gt_vpn:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_pci4000:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_pci4000_vpn:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000_vpn:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\/tx-b:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs2005_tx_vpn:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\/tx:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\/tx-m:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\/tx-p:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\/dtx:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_smart2:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_smart2_vpn:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_3g_vpn:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_att_vpn:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vpn:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_3g_vpn:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_att_vpn:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vpn:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn:-:*:*:*:*:*:*:*

History

07 Nov 2023, 03:51

Type Values Removed Values Added
Summary A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP’s. Configuring firewall limits for incoming connections cannot prevent the issue. A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP’s. Configuring firewall limits for incoming connections cannot prevent the issue.

Information

Published : 2022-11-15 11:15

Updated : 2024-02-28 19:29


NVD link : CVE-2022-3480

Mitre link : CVE-2022-3480

CVE.ORG link : CVE-2022-3480


JSON object : View

Products Affected

phoenixcontact

  • fl_mguard_gt\/gt_vpn_firmware
  • fl_mguard_rs4000_tx\/tx-m_firmware
  • fl_mguard_pcie4000_vpn_firmware
  • fl_mguard_rs4000_tx\/tx-p_firmware
  • fl_mguard_rs4000_tx\/tx-p
  • fl_mguard_smart2
  • fl_mguard_rs2005_tx_vpn
  • fl_mguard_pci4000
  • fl_mguard_rs4000_tx\/tx_vpn
  • fl_mguard_delta_tx\/tx_vpn_firmware
  • fl_mguard_core_tx_firmware
  • fl_mguard_pci4000_vpn_firmware
  • fl_mguard_rs2000_tx\/tx-b
  • tc_mguard_rs4000_4g_vzw_vpn
  • tc_mguard_rs2000_3g_vpn_firmware
  • fl_mguard_smart2_vpn_firmware
  • fl_mguard_centerport_firmware
  • tc_mguard_rs4000_4g_vzw_vpn_firmware
  • fl_mguard_pcie4000_firmware
  • fl_mguard_core_tx
  • fl_mguard_core_tx_vpn
  • fl_mguard_rs4000_tx\/tx-m
  • fl_mguard_rs2000_tx\/tx_vpn
  • tc_mguard_rs4000_3g_vpn
  • fl_mguard_rs2000_tx\/tx-b_firmware
  • fl_mguard_rs4004_tx\/dtx
  • fl_mguard_rs4004_tx\/dtx_vpn
  • tc_mguard_rs4000_4g_att_vpn
  • tc_mguard_rs4000_4g_att_vpn_firmware
  • fl_mguard_pci4000_firmware
  • fl_mguard_centerport_vpn-1000
  • tc_mguard_rs2000_4g_vpn
  • fl_mguard_rs4000_tx\/tx_firmware
  • tc_mguard_rs2000_3g_vpn
  • fl_mguard_rs2005_tx_vpn_firmware
  • tc_mguard_rs2000_4g_att_vpn_firmware
  • fl_mguard_core_tx_vpn_firmware
  • fl_mguard_pci4000_vpn
  • fl_mguard_rs2000_tx\/tx_vpn_firmware
  • fl_mguard_rs4000_tx\/tx
  • fl_mguard_smart2_vpn
  • tc_mguard_rs2000_4g_att_vpn
  • fl_mguard_centerport
  • fl_mguard_rs4004_tx\/dtx_firmware
  • fl_mguard_smart2_firmware
  • fl_mguard_gt\/gt_vpn
  • tc_mguard_rs2000_4g_vpn_firmware
  • tc_mguard_rs2000_4g_vzw_vpn_firmware
  • tc_mguard_rs4000_3g_vpn_firmware
  • fl_mguard_pcie4000
  • fl_mguard_gt\/gt
  • fl_mguard_delta_tx\/tx_firmware
  • fl_mguard_pcie4000_vpn
  • fl_mguard_rs4000_tx\/tx_vpn_firmware
  • tc_mguard_rs2000_4g_vzw_vpn
  • fl_mguard_centerport_vpn-1000_firmware
  • fl_mguard_gt\/gt_firmware
  • fl_mguard_rs4004_tx\/dtx_vpn_firmware
  • tc_mguard_rs4000_4g_vpn
  • fl_mguard_delta_tx\/tx
  • fl_mguard_delta_tx\/tx_vpn
  • tc_mguard_rs4000_4g_vpn_firmware
CWE
CWE-770

Allocation of Resources Without Limits or Throttling