Vulnerabilities > CVE-2006-2710 - Remote Security vulnerability in Secure Elements Class 5 Enterprise vulnerability Management 2.8.0

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

secure-elements

NVD

Published: 2006-05-31

Updated: 2017-07-20

Summary

Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 uses the same invariant RSA key for all installations, which allows remote attackers with the key to decrypt communications. Upgrade to 2.8.1

Vulnerable Configurations

Part	Description	Count
Application	Secure_Elements Secure Elements Class 5 Enterprise Vulnerability Management 2.8.0	1

References

http://secunia.com/advisories/20378
http://securitytracker.com/id?1016184
http://www.kb.cert.org/vuls/id/566553
http://www.kb.cert.org/vuls/id/WDON-6QAQK9
http://www.vupen.com/english/advisories/2006/2069
https://exchange.xforce.ibmcloud.com/vulnerabilities/26753