Ingate Firewall prior to 4.6.0 and SIParator prior to 4.6.0 do not log truncated (1) ICMP, (2) UDP, and (3) TCP packets, which has unknown impact and remote attack vectors; and do not log (4) serial-console login attempts with nonexistent usernames, which might make it easier for attackers with physical access to guess valid login credentials while avoiding detection.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ingate ingate firewall |
||
ingate ingate siparator |