Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2711

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-2711
Last Modified 07 Mar 2011 09:36:51
Published 31 May 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2711

Summary

Secure Elements Class 5 AVR (aka C5 EVM) 2.8.1 and earlier, and possibly later 2.8.x releases, uses the same initialization vector and key for each message session, which allows remote attackers to obtain potentially sensitive information about messages.

Vulnerable Systems

Application

  • Secure Elements Class 5 Enterprise Vulnerability Management 2.8.0


References

CERT-VN - VU#346377

VUPEN - ADV-2006-2068

CONFIRM - http://www.kb.cert.org/vuls/id/WDON-6QAQN6

XF - c5evm-key-weak-encryption(26740)

SECTRACK - 1016184

SECUNIA - 20377


Last Updated: 27 May 2016 10:42:44