First published: Tue Mar 26 2019(Updated: )
An issue was discovered on PHOENIX CONTACT FL NAT SMCS 8TX, FL NAT SMN 8TX, FL NAT SMN 8TX-M, and FL NAT SMN 8TX-M-DMG devices. There is unauthorized access to the WEB-UI by attackers arriving from the same source IP address as an authenticated user, because this IP address is used as a session identifier.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Phoenixcontact Fl Nat Smn 8tx-m-dmg Firmware | ||
Phoenixcontact Fl Nat Smn 8tx-m-dmg | ||
Phoenixcontact Fl Nat Smn 8tx-m Firmware | ||
Phoenixcontact Fl Nat Smn 8tx-m | ||
Phoenixcontact Fl Nat Smn 8tx Firmware | ||
Phoenixcontact Fl Nat Smn 8tx | ||
Phoenixcontact Fl Nat Smcs 8tx Firmware | ||
Phoenixcontact Fl Nat Smcs 8tx |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-9744 is a vulnerability that allows unauthorized access to the web interface of PHOENIX CONTACT FL NAT SMCS 8TX, FL NAT SMN 8TX, FL NAT SMN 8TX-M, and FL NAT SMN 8TX-M-DMG devices.
CVE-2019-9744 has a severity rating of 8.8 (high).
PHOENIX CONTACT FL NAT SMCS 8TX, FL NAT SMN 8TX, FL NAT SMN 8TX-M, and FL NAT SMN 8TX-M-DMG devices are affected.
Attackers can gain unauthorized access to the web interface by arriving from the same source IP address as an authenticated user.
It is recommended to apply the necessary security patches or updates provided by PHOENIX CONTACT to fix CVE-2019-9744.