Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

c5 enterprise vulnerability management vulnerabilities and exploits

(subscribe to this query)
5
CVSSv2
CVE-2006-2713
Secure Elements Class 5 AVR client (aka C5 EVM) prior to 2.8.1 generates predictable CEIDs, which allows remote malicious users to determine the CEID of a protected asset, which can be used in other attacks against AVR.
Secure Elements C5 Enterprise Vulnerability Management
5
CVSSv2
CVE-2006-2714
Secure Elements Class 5 AVR client (aka C5 EVM) prior to 2.8.1 does not validate the CEID of an incoming message, which allows remote malicious users to send messages to a protected asset without knowing the proper CEID.
Secure Elements C5 Enterprise Vulnerability Management
7.5
CVSSv2
CVE-2006-2715
The Administration Console in Secure Elements Class 5 AVR (aka C5 EVM) prior to 2.8.1 does not enforce access control, which allows remote malicious users to gain access to servers via the console.
Secure Elements C5 Enterprise Vulnerability Management
7.5
CVSSv2
CVE-2006-2716
Secure Elements Class 5 AVR server (aka C5 EVM) prior to 2.8.1 uses a hard-coded user ID and password, which allows remote malicious users to gain access to the server.
Secure Elements C5 Enterprise Vulnerability Management
4
CVSSv2
CVE-2006-2717
Unspecified vulnerability in Secure Elements Class 5 AVR client and server (aka C5 EVM) prior to 2.8.1 allows authenticated malicious users to overwrite arbitrary files (1) on a server during an update or (2) on a client via modified pathnames, possibly due to a directory travers...
Secure Elements C5 Enterprise Vulnerability Management
5
CVSSv2
CVE-2006-2705
Secure Elements Class 5 AVR server (aka C5 EVM) prior to 2.8.1 allows remote malicious users to cause an unspecified denial of service via a large number of forged client registration messages.
Secure Elements C5 Enterprise Vulnerability Management 2.8.0
5
CVSSv2
CVE-2006-2704
Secure Elements Class 5 AVR server and client (aka C5 EVM) prior to 2.8.1 send messages in cleartext, which allows remote malicious users to read sensitive vulnerability information.
Secure Elements C5 Enterprise Vulnerability Management 2.8.0
5
CVSSv2
CVE-2006-2706
Secure Elements Class 5 AVR server (aka C5 EVM) prior to 2.8.1 allows remote malicious users to cause a denial of service via forged "session start" messages that cause AVR to connect to arbitrary hosts.
Secure Elements Class 5 Enterprise Vulnerability Management
5
CVSSv2
CVE-2006-2710
Secure Elements Class 5 AVR (aka C5 EVM) prior to 2.8.1 uses the same invariant RSA key for all installations, which allows remote attackers with the key to decrypt communications.
Secure Elements Class 5 Enterprise Vulnerability Management 2.8.0
5
CVSSv2
CVE-2006-2712
Secure Elements Class 5 AVR (aka C5 EVM) client and server prior to 2.8.1 do not verify the integrity of a message digest, which allows remote malicious users to modify and replay messages.
Secure Elements Class 5 Enterprise Vulnerability Management 2.8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversalCVE-2024-26978CVE-2024-26982wirelessCVE-2023-6949CVE-2024-26980CVE-2024-32766CVE-2024-26939cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook