CVE-2015-3966
Innominate mGuard Firmware < 8.1.7 - Authenticated Denial of Service via IPsec SA Compression
Title source: llmDescription
The IPsec SA establishment process on Innominate mGuard devices with firmware 8.x before 8.1.7 allows remote authenticated users to cause a denial of service (VPN service restart) by leveraging a peer relationship to send a crafted configuration with compression.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
http://www.innominate.com/data/downloads/software/innominate_security_advisory_20150714_001_en.pdf
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-15-239-03
Scores
EPSS
0.0162
EPSS Percentile
73.1%
Details
CWE
CWE-20
Status
published
Products (10)
innominate/mguard_firmware
8.0.0
innominate/mguard_firmware
8.0.1
innominate/mguard_firmware
8.0.2
innominate/mguard_firmware
8.0.3
innominate/mguard_firmware
8.1.1
innominate/mguard_firmware
8.1.2
innominate/mguard_firmware
8.1.3
innominate/mguard_firmware
8.1.4
innominate/mguard_firmware
8.1.5
innominate/mguard_firmware
8.1.6
Published
Aug 30, 2015
Tracked Since
Feb 18, 2026