sinpax.blogg.se - Cmwan server

The network server is disabled by default.

With binding to localhost an attack is no longer possible via remote network connection.

Run CodeMeter as client only and use localhost as binding for the CodeMeter communication.

Use general security best practices to protect systems from local and network attacks like described in the application node AH EN INDUSTRIAL SECURITY.

To help mitigate the vulnerability, Phoenix Contact said to: The CmWAN server is disabled by default.ĬVE-2021-20094 is the case number for the vulnerability, which has a CVSS base 3 score of 7.5. Sending special HTTP(S) requests to the CmWAN server can cause the CodeMeter License Server to crash. The vulnerability affects communication with the CodeMeter CmWAN server.

In addition, CodeMeter Runtime CmWAN Server has a denial of service vulnerability. CVE-2021-20093 is the case number for the issue, which has a CVSS base 3 score of 9.1.