CVE-2006-2711

Опубликовано: 31 мая 2006

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Secure Elements Class 5 AVR (aka C5 EVM) 2.8.1 and earlier, and possibly later 2.8.x releases, uses the same initialization vector and key for each message session, which allows remote attackers to obtain potentially sensitive information about messages.

Ссылки

http://secunia.com/advisories/20377
http://securitytracker.com/id?1016184
http://www.kb.cert.org/vuls/id/346377
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/WDON-6QAQN6
http://www.vupen.com/english/advisories/2006/2068
https://exchange.xforce.ibmcloud.com/vulnerabilities/26740
http://secunia.com/advisories/20377
http://securitytracker.com/id?1016184
http://www.kb.cert.org/vuls/id/346377
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/WDON-6QAQN6
http://www.vupen.com/english/advisories/2006/2068
https://exchange.xforce.ibmcloud.com/vulnerabilities/26740

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:secure_elements:class_5_enterprise_vulnerability_management:2.8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 86%

0.02731

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-pc8c-hwmx-pxgj

github

почти 4 года назад