CVE-2019-18352

3 documents3 sources

Severity

8.2HIGH

EPSS

0.2%

top 58.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Phoenixcontact FL NAT 2208 Firmware Phoenixcontact FL NAT 2304-2gc-2sfp Firmware

Timeline

PublishedFeb 18

Latest updateMay 24

Description

Improper access control exists on PHOENIX CONTACT FL NAT 2208 devices before V2.90 and FL NAT 2304-2GC-2SFP devices before V2.90 when using MAC-based port security.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:LExploitability: 2.8 | Impact: 4.7

Affected Packages2 packages

▶NVDphoenixcontact/fl_nat_2304-2gc-2sfp_firmware< 2.90

▶NVDphoenixcontact/fl_nat_2208_firmware< 2.90

🔴Vulnerability Details

GHSA

GHSA-ff6j-m9jm-v653: Improper access control exists on PHOENIX CONTACT FL NAT 2208 devices before V2↗2022-05-24

▶

CVEList

CVE-2019-18352: Improper access control exists on PHOENIX CONTACT FL NAT 2208 devices before V2↗2020-02-18

▶