|
346631
|
- |
|
secure_elements
|
class_5_enterprise_vulnerability_management
|
Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 uses the same invariant RSA key for all installations, which allows remote attackers with the key to decrypt communications.
|
NVD-CWE-Other
|
CVE-2006-2710
|
2017-07-20 10:31 |
2006-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346632
|
- |
|
secure_elements
|
class_5_enterprise_vulnerability_management
|
Upgrade to 2.8.1
|
NVD-CWE-Other
|
CVE-2006-2710
|
2017-07-20 10:31 |
2006-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346633
|
- |
|
secure_elements
|
class_5_enterprise_vulnerability_management
|
Secure Elements Class 5 AVR (aka C5 EVM) 2.8.1 and earlier, and possibly later 2.8.x releases, uses the same initialization vector and key for each message session, which allows remote attackers to o…
|
NVD-CWE-Other
|
CVE-2006-2711
|
2017-07-20 10:31 |
2006-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346634
|
- |
|
secure_elements
|
class_5_enterprise_vulnerability_management
|
Upgrade to 2.8.1
|
NVD-CWE-Other
|
CVE-2006-2711
|
2017-07-20 10:31 |
2006-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346635
|
- |
|
secure_elements
|
class_5_enterprise_vulnerability_management
|
Secure Elements Class 5 AVR (aka C5 EVM) client and server before 2.8.1 do not verify the integrity of a message digest, which allows remote attackers to modify and replay messages.
|
NVD-CWE-Other
|
CVE-2006-2712
|
2017-07-20 10:31 |
2006-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346636
|
- |
|
secure_elements
|
class_5_enterprise_vulnerability_management
|
Upgrade to version 2.8.1
|
NVD-CWE-Other
|
CVE-2006-2712
|
2017-07-20 10:31 |
2006-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346637
|
- |
|
secure_elements
|
c5_enterprise_vulnerability_management
|
Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 generates predictable CEIDs, which allows remote attackers to determine the CEID of a protected asset, which can be used in other attacks …
|
NVD-CWE-Other
|
CVE-2006-2713
|
2017-07-20 10:31 |
2006-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346638
|
- |
|
secure_elements
|
c5_enterprise_vulnerability_management
|
Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 does not validate the CEID of an incoming message, which allows remote attackers to send messages to a protected asset without knowing the…
|
NVD-CWE-Other
|
CVE-2006-2714
|
2017-07-20 10:31 |
2006-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346639
|
- |
|
secure_elements
|
c5_enterprise_vulnerability_management
|
The Administration Console in Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 does not enforce access control, which allows remote attackers to gain access to servers via the console.
|
NVD-CWE-Other
|
CVE-2006-2715
|
2017-07-20 10:31 |
2006-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346640
|
- |
|
secure_elements
|
c5_enterprise_vulnerability_management
|
Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 uses a hard-coded user ID and password, which allows remote attackers to gain access to the server.
|
NVD-CWE-Other
|
CVE-2006-2716
|
2017-07-20 10:31 |
2006-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
