First published: Wed Nov 10 2021(Updated: )
In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active
Credit: info@cert.vde.com
Affected Software | Affected Version | How to fix |
---|---|---|
Phoenixcontact Fl Mguard 1102 Firmware | =1.4.0 | |
Phoenixcontact Fl Mguard 1102 Firmware | =1.4.1 | |
Phoenixcontact Fl Mguard 1102 Firmware | =1.5.0 | |
Phoenixcontact Fl Mguard 1102 | ||
Phoenixcontact Fl Mguard 1105 Firmware | =1.4.0 | |
Phoenixcontact Fl Mguard 1105 Firmware | =1.4.1 | |
Phoenixcontact Fl Mguard 1105 Firmware | =1.5.0 | |
Phoenixcontact Fl Mguard 1105 |
PHOENIX CONTACT recomments to upgrade to firmware version 1.5.1 (or any later version).
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability identifier for this issue is CVE-2021-34598.
The severity level of CVE-2021-34598 is high with a score of 7.5.
Versions 1.4.0, 1.4.1, and 1.5.0 of Phoenix Contact FL MGUARD are affected by CVE-2021-34598.
CVE-2021-34598 impairs the remote logging functionality due to the lack of memory release for data structures from syslog-ng when remote logging is active.
You can find more information about CVE-2021-34598 at the following reference: https://cert.vde.com/en/advisories/VDE-2021-046/