Vulnerability identifier: #VU36084
Vulnerability risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-254
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
pfsense
Server applications /
IDS/IPS systems, Firewalls and proxy servers
Vendor: Rubicon Communications
Description
The vulnerability allows a remote non-authenticated attacker to manipulate data.
The expiretable configuration in pfSense 2.4.4_1 establishes block durations that are incompatible with the block durations implemented by sshguard, which might make it easier for attackers to bypass intended access restrictions.
Mitigation
Install update from vendor's website.
Vulnerable software versions
pfsense: 2.4.4
External links
http://redmine.pfsense.org/issues/9223
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.