CVE-2021-34598 HIGH

CVE-2021-34598: Phoenix Contact: FL MGUARD lack of memory release in remote logging functionality

Vendor Phoenix Contact
Product FL MGUARD
Weakness CWE-401
Published November 10, 2021
Last update September 16, 2024

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active

Key dates

02Disclosure timeline

November 10, 2021 CVE published
September 16, 2024 Record updated