Vulnerability Description
An issue was discovered on PHOENIX CONTACT FL NAT SMCS 8TX, FL NAT SMN 8TX, FL NAT SMN 8TX-M, and FL NAT SMN 8TX-M-DMG devices. There is unauthorized access to the WEB-UI by attackers arriving from the same source IP address as an authenticated user, because this IP address is used as a session identifier.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Phoenixcontact | Fl Nat Smn 8Tx-M-Dmg Firmware | - |
| Phoenixcontact | Fl Nat Smn 8Tx-M-Dmg | - |
| Phoenixcontact | Fl Nat Smn 8Tx-M Firmware | - |
| Phoenixcontact | Fl Nat Smn 8Tx-M | - |
| Phoenixcontact | Fl Nat Smn 8Tx Firmware | - |
| Phoenixcontact | Fl Nat Smn 8Tx | - |
| Phoenixcontact | Fl Nat Smcs 8Tx Firmware | - |
| Phoenixcontact | Fl Nat Smcs 8Tx | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/108576
- https://cert.vde.com/de-de/advisories/vde-2019-006MitigationVendor Advisory
- https://ics-cert.us-cert.gov/advisories/ICSA-19-155-02
- http://www.securityfocus.com/bid/108576
- https://cert.vde.com/de-de/advisories/vde-2019-006MitigationVendor Advisory
- https://ics-cert.us-cert.gov/advisories/ICSA-19-155-02
FAQ
What is CVE-2019-9744?
CVE-2019-9744 is a vulnerability with a CVSS score of 8.8 (HIGH). An issue was discovered on PHOENIX CONTACT FL NAT SMCS 8TX, FL NAT SMN 8TX, FL NAT SMN 8TX-M, and FL NAT SMN 8TX-M-DMG devices. There is unauthorized access to the WEB-UI by attackers arriving from th...
How severe is CVE-2019-9744?
CVE-2019-9744 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-9744?
Check the references section above for vendor advisories and patch information. Affected products include: Phoenixcontact Fl Nat Smn 8Tx-M-Dmg Firmware, Phoenixcontact Fl Nat Smn 8Tx-M-Dmg, Phoenixcontact Fl Nat Smn 8Tx-M Firmware, Phoenixcontact Fl Nat Smn 8Tx-M, Phoenixcontact Fl Nat Smn 8Tx Firmware.