{"containers": {"cna": {"affected": [{"product": "Phoenix Contact GmbH mGuard", "vendor": "n/a", "versions": [{"status": "affected", "version": "Phoenix Contact GmbH mGuard"}]}], "datePublic": "2017-05-18T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "A Resource Exhaustion issue was discovered in Phoenix Contact GmbH mGuard firmware versions 8.3.0 to 8.4.2. An attacker may compromise the device's availability by performing multiple initial VPN requests."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-400", "description": "CWE-400", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2017-05-19T02:57:01.000Z", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-131-01"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2017-7935", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Phoenix Contact GmbH mGuard", "version": {"version_data": [{"version_value": "Phoenix Contact GmbH mGuard"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A Resource Exhaustion issue was discovered in Phoenix Contact GmbH mGuard firmware versions 8.3.0 to 8.4.2. An attacker may compromise the device's availability by performing multiple initial VPN requests."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-400"}]}]}, "references": {"reference_data": [{"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-131-01", "refsource": "MISC", "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-131-01"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T16:19:29.422Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-131-01"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2017-7935", "datePublished": "2017-05-19T02:43:00.000Z", "dateReserved": "2017-04-18T00:00:00.000Z", "dateUpdated": "2024-08-05T16:19:29.422Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:phoenix_contact_gmbh:mguard_firmware:8.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "116FA86C-7A05-4B2C-8148-6FE371E60D70", "vulnerable": true}, {"criteria": "cpe:2.3:o:phoenix_contact_gmbh:mguard_firmware:8.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "236DEF3C-0F0F-467B-9EEB-276092938DAF", "vulnerable": true}, {"criteria": "cpe:2.3:o:phoenix_contact_gmbh:mguard_firmware:8.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "A6A1E205-BB61-47BE-A903-0F122D2D732A", "vulnerable": true}, {"criteria": "cpe:2.3:o:phoenix_contact_gmbh:mguard_firmware:8.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "BCB742B0-8E3E-4110-87A9-D40360743A42", "vulnerable": true}, {"criteria": "cpe:2.3:o:phoenix_contact_gmbh:mguard_firmware:8.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "582782AB-3CBC-4EB6-B271-4AA270F87CB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:phoenix_contact_gmbh:mguard_firmware:8.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3625B7F5-0170-4269-97A3-F3ABF147F803", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:phoenix_contact_gmbh:mguard:-:*:*:*:*:*:*:*", "matchCriteriaId": "418AA18B-BB7E-4C77-BF5C-F1CB320B643B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A Resource Exhaustion issue was discovered in Phoenix Contact GmbH mGuard firmware versions 8.3.0 to 8.4.2. An attacker may compromise the device's availability by performing multiple initial VPN requests."}, {"lang": "es", "value": "Se ha descubierto un problema de agotamiento de recursos en Phoenix Contact GmbH mGuard desde la versi\u00f3n 8.3.0 hasta la 8.4.2. Un atacante podr\u00eda comprometer la disponibilidad del dispositivo mediante m\u00faltiples peticiones iniciales de VPN."}], "id": "CVE-2017-7935", "lastModified": "2026-05-13T00:24:29.033", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-05-19T03:29:00.637", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-131-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-131-01"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}