Vulnerability-Lookup

VDE-2021-035

Vulnerability from csaf_phoenixcontactgmbhcokg - Published: 2021-08-11 07:59 - Updated: 2025-05-22 13:03

Summary

PHOENIX CONTACT: FL MGUARD DM version 1.12.0 and 1.13.0 Improper Privilege Management

Notes

Summary: Access to the Apache web server being installed as part of the FL MGUARD DM on Microsoft Windows does not require login credentials even if configured during installation.

Impact: Attackers with network access to the Apache web server can download and therefore read mGuard configuration profiles ('ATV profiles'). Such configuration profiles may contain sensitive information, e.g. private keys associated with IPsec VPN connections.

Mitigation: Stop the ApacheMDM Windows service. Edit file <mdm>/apache/conf/extra/httpd-mdm.conf and remove the instances of these lines for 'DocumentRoot' and alias '/atv': #Controls who can get stuff from this server. Require all granted <mdm> refers to the directory in which FL MGUARD DM is installed. Start the ApacheMDM Windows service.

Remediation: This vulnerability is fixed in FL MGUARD DM 1.13.0.1. We advise all affected FL MGUARD DM 1.12.0 and 1.13.0 users to upgrade to FL MGUARD DM 1.13.0.1 or a later version. Additional recommendations: - Limit network access to the Apache web server to as few network addresses as possible. - If possible, make use of encrypted mGuard configuration profiles.

CVE-2021-34579

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-269 - Improper Privilege Management

Mitigation Stop the ApacheMDM Windows service. Edit file <mdm>/apache/conf/extra/httpd-mdm.conf and remove the instances of these lines for 'DocumentRoot' and alias '/atv': #Controls who can get stuff from this server. Require all granted <mdm> refers to the directory in which FL MGUARD DM is installed. Start the ApacheMDM Windows service.

Vendor Fix This vulnerability is fixed in FL MGUARD DM 1.13.0.1. We advise all affected FL MGUARD DM 1.12.0 and 1.13.0 users to upgrade to FL MGUARD DM 1.13.0.1 or a later version. Additional recommendations: - Limit network access to the Apache web server to as few network addresses as possible. - If possible, make use of encrypted mGuard configuration profiles.

References

URL

Category

	https://certvde.com/en/advisories/VDE-2021-035	self
	https://certvde.com/de/advisories/vendor/phoenixc…	external
	https://phoenixcontact.csaf-tp.certvde.com/.well-…	self

Acknowledgments

CERT@VDE certvde.com

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/v1/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "Access to the Apache web server being installed as part of the FL MGUARD DM on Microsoft Windows does not require login credentials even if configured during installation.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "Attackers with network access to the Apache web server can download and therefore read mGuard configuration profiles (\u0027ATV profiles\u0027). Such configuration profiles may contain sensitive information, e.g. private keys associated with IPsec VPN connections.",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "Stop the ApacheMDM Windows service.\n\nEdit file \u003cmdm\u003e/apache/conf/extra/httpd-mdm.conf and remove the instances of these lines for \u0027DocumentRoot\u0027 and alias \u0027/atv\u0027:\n\n#Controls who can get stuff from this server.\n\nRequire all granted\n\n\u003cmdm\u003e refers to the directory in which FL MGUARD DM is installed.\n\nStart the ApacheMDM Windows service.",
        "title": "Mitigation"
      },
      {
        "category": "description",
        "text": "This vulnerability is fixed in FL MGUARD DM 1.13.0.1. We advise all affected FL MGUARD DM 1.12.0 and 1.13.0 users to upgrade to FL MGUARD DM 1.13.0.1 or a later version.\nAdditional recommendations:\n\n- Limit network access to the Apache web server to as few network addresses as possible.\n- If possible, make use of encrypted mGuard configuration profiles.",
        "title": "Remediation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@phoenixcontact.com",
      "name": "Phoenix Contact GmbH \u0026 Co. KG",
      "namespace": "https://phoenixcontact.com/psirt"
    },
    "references": [
      {
        "category": "self",
        "summary": "VDE-2021-035: PHOENIX CONTACT: FL MGUARD DM version 1.12.0 and 1.13.0 Improper Privilege Management - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2021-035"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for PHOENIX CONTACT",
        "url": "https://certvde.com/de/advisories/vendor/phoenixcontact/"
      },
      {
        "category": "self",
        "summary": "VDE-2021-035: PHOENIX CONTACT: FL MGUARD DM version 1.12.0 and 1.13.0 Improper Privilege Management - CSAF",
        "url": "https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2021/vde-2021-035.json"
      }
    ],
    "title": "PHOENIX CONTACT: FL MGUARD DM version 1.12.0 and 1.13.0 Improper Privilege Management",
    "tracking": {
      "aliases": [
        "VDE-2021-035"
      ],
      "current_release_date": "2025-05-22T13:03:10.000Z",
      "generator": {
        "date": "2025-02-10T09:30:35.925Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.18"
        }
      },
      "id": "VDE-2021-035",
      "initial_release_date": "2021-08-11T07:59:00.000Z",
      "revision_history": [
        {
          "date": "2021-08-11T07:59:00.000Z",
          "number": "1",
          "summary": "initial revision"
        },
        {
          "date": "2025-02-10T09:30:00.000Z",
          "number": "2",
          "summary": "Update: Provider data has been corrected"
        },
        {
          "date": "2025-05-22T13:03:10.000Z",
          "number": "3",
          "summary": "Fix: quotation mark"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version",
                    "name": "1.12.0",
                    "product": {
                      "name": "FL MGUARD DM 1.12.0",
                      "product_id": "CSAFPID-51001",
                      "product_identification_helper": {
                        "model_numbers": [
                          "2981974"
                        ]
                      }
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "1.13.0",
                    "product": {
                      "name": "FL MGUARD DM 1.13.0",
                      "product_id": "CSAFPID-51002",
                      "product_identification_helper": {
                        "model_numbers": [
                          "2981974"
                        ]
                      }
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "1.13.0.1",
                    "product": {
                      "name": "FL MGUARD DM 1.13.0.1",
                      "product_id": "CSAFPID-52001",
                      "product_identification_helper": {
                        "model_numbers": [
                          "2981974"
                        ]
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "FL MGUARD DM"
              }
            ],
            "category": "product_family",
            "name": "Software"
          }
        ],
        "category": "vendor",
        "name": "PHOENIX CONTACT"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-51001",
          "CSAFPID-51002"
        ],
        "summary": "Affected products."
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-34579",
      "cwe": {
        "id": "CWE-269",
        "name": "Improper Privilege Management"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Phoenix Contact: FL MGUARD DM version 1.12.0 and 1.13.0 access to the Apache web server being installed as part of the FL MGUARD DM on Microsoft Windows does not require login credentials even if configured during installation.Attackers with network access to the Apache web server can download and therefore read mGuard configuration profiles (\u0027ATV profiles\u0027). Such configuration profiles may contain sensitive information, e.g. private keys associated with IPsec VPN connections.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-52001"
        ],
        "known_affected": [
          "CSAFPID-51001",
          "CSAFPID-51002"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Stop the ApacheMDM Windows service.\n\nEdit file \u003cmdm\u003e/apache/conf/extra/httpd-mdm.conf and remove the instances of these lines for \u0027DocumentRoot\u0027 and alias \u0027/atv\u0027:\n\n#Controls who can get stuff from this server.\n\nRequire all granted\n\n\u003cmdm\u003e refers to the directory in which FL MGUARD DM is installed.\n\nStart the ApacheMDM Windows service.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "This vulnerability is fixed in FL MGUARD DM 1.13.0.1. We advise all affected FL MGUARD DM 1.12.0 and 1.13.0 users to upgrade to FL MGUARD DM 1.13.0.1 or a later version.\nAdditional recommendations:\n\n- Limit network access to the Apache web server to as few network addresses as possible.\n- If possible, make use of encrypted mGuard configuration profiles.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-51001",
            "CSAFPID-51002"
          ]
        }
      ],
      "title": "CVE-2021-34579"
    }
  ]
}

CVE-2021-34579 (GCVE-0-2021-34579)

Vulnerability from cvelistv5 – Published: 2022-11-09 16:28 – Updated: 2025-04-29 15:02

Title

PHOENIX CONTACT: FL MGUARD DM version 1.12.0 and 1.13.0 Improper Privilege Management

Summary

In Phoenix Contact: FL MGUARD DM version 1.12.0 and 1.13.0 access to the Apache web server being installed as part of the FL MGUARD DM on Microsoft Windows does not require login credentials even if configured during installation.Attackers with network access to the Apache web server can download and therefore read mGuard configuration profiles (“ATV profiles”). Such configuration profiles may contain sensitive information, e.g. private keys associated with IPsec VPN connections.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-269 - Improper Privilege Management

Assigner

CERTVDE

References

URL

	Vendor	Product	Version
	PHOENIX CONTACT	FL MGUARD DM (2981974)	Affected: 1.12.0 Affected: 1.13.0

BDU:2022-07437

Vulnerability from fstec - Published: 11.08.2021

Title

Уязвимость службы ApacheMDM системы централизованного управления промышленными маршрутизаторами и межсетевыми экранами FL MGUARD DM, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

Description

Уязвимость службы ApacheMDM системы централизованного управления промышленными маршрутизаторами и межсетевыми экранами FL MGUARD DM связана с недостатками разграничения доступа. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, получить несанкционированный доступ к защищаемой информации путем загрузки специально созданного файла с расширением .atv в профиль конфигурации

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vendor

Phoenix Contact GmbH & Co. KG

Software Name

FL MGUARD DM

Software Version

1.12.0 (FL MGUARD DM), 1.13.0 (FL MGUARD DM)

Possible Mitigations

Использование рекомендаций: https://cert.vde.com/en/advisories/VDE-2021-035/ Компенсирующие меры: 1) Остановите работу службы ApacheMDM Windows; 2) Отредактируйте файл <mdm>/apache/conf/extra/httpd-mdm.conf и удалите экземпляры этих строк для «DocumentRoot» и «/atv»: # Controls who can get stuff from this server. Require all granted Параметр <mdm> относится к каталогу, в котором установлен FL MGUARD DM. 3) Запустите службу ApacheMDM Windows. Более подробные инструкции описаны в Руководстве Пользователя: http://help.mguard.com/en/mdm1/manual/1.12/107323_en_05/Section02/Section02.html

Reference

https://cert.vde.com/en/advisories/VDE-2021-035/ https://nvd.nist.gov/vuln/detail/CVE-2021-34579

CWE

CWE-269

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Phoenix Contact GmbH \u0026 Co. KG",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.12.0 (FL MGUARD DM), 1.13.0 (FL MGUARD DM)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://cert.vde.com/en/advisories/VDE-2021-035/\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n1) \u041e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0435 \u0440\u0430\u0431\u043e\u0442\u0443 \u0441\u043b\u0443\u0436\u0431\u044b ApacheMDM Windows;\n2) \u041e\u0442\u0440\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u0443\u0439\u0442\u0435 \u0444\u0430\u0439\u043b \u003cmdm\u003e/apache/conf/extra/httpd-mdm.conf \u0438 \u0443\u0434\u0430\u043b\u0438\u0442\u0435 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b \u044d\u0442\u0438\u0445 \u0441\u0442\u0440\u043e\u043a \u0434\u043b\u044f \u00abDocumentRoot\u00bb \u0438 \u00ab/atv\u00bb:\n# Controls who can get stuff from this server.\nRequire all granted\n\u041f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 \u003cmdm\u003e \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u043a \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0443, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d FL MGUARD DM.\n3) \u0417\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u0435 \u0441\u043b\u0443\u0436\u0431\u0443 ApacheMDM Windows.\n\u0411\u043e\u043b\u0435\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043e\u043f\u0438\u0441\u0430\u043d\u044b \u0432 \u0420\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u0435 \u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f:\nhttp://help.mguard.com/en/mdm1/manual/1.12/107323_en_05/Section02/Section02.html",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "11.08.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "24.12.2022",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "24.12.2022",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-07437",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-34579, VDE-2021-035",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "FL MGUARD DM",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Microsoft Corp Windows - ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u044b ApacheMDM \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0446\u0435\u043d\u0442\u0440\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u043c\u0438 \u0438 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u043c\u0438 \u044d\u043a\u0440\u0430\u043d\u0430\u043c\u0438 FL MGUARD DM, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 (CWE-269)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u044b ApacheMDM \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0446\u0435\u043d\u0442\u0440\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u043c\u0438 \u0438 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u043c\u0438 \u044d\u043a\u0440\u0430\u043d\u0430\u043c\u0438 FL MGUARD DM \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u0440\u0430\u0437\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043f\u0443\u0442\u0435\u043c \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u0441 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435\u043c .atv \u0432 \u043f\u0440\u043e\u0444\u0438\u043b\u044c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://cert.vde.com/en/advisories/VDE-2021-035/\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-34579",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-269",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

VDE-2021-035

CVE-2021-34579 (GCVE-0-2021-34579)

BDU:2022-07437

Tags

Sightings

Nomenclature