Lucene search
+L
Secure ElementsC5 Enterprise Vulnerability Management

7 matches found

CVE
CVE
added 2006/05/31 10:0 p.m.48 views

CVE-2006-2704

CVE-2006-2704 affects Secure Elements Class 5 AVR server and client (C5 EVM) prior to version 2.8.1. The issue is that messages are sent in cleartext, allowing remote attackers to read sensitive vulnerability information. The connected documents do not provide exploit details, affected product va...

5CVSS6.5AI score0.02119EPSS
CVE
CVE
added 2006/05/31 10:0 p.m.46 views

CVE-2006-2713

CVE-2006-2713 affects Secure Elements Class 5 AVR client (aka C5 EVM) prior to version 2.8.1. The vulnerability stems from generating predictable CEIDs, allowing a remote attacker to determine the CEID of a protected asset. This information could be leveraged in subsequent attacks against AVR. Th...

5CVSS6.5AI score0.01929EPSS
CVE
CVE
added 2006/05/31 10:0 p.m.45 views

CVE-2006-2714

The CVE-2006-2714 issue is in Secure Elements Class 5 AVR client (aka C5 EVM) before version 2.8.1. The product does not validate the CEID of incoming messages, which can allow a remote attacker to send messages to a protected asset without knowing the proper CEID. Affected software: C5 EVM clien...

5CVSS6.6AI score0.01877EPSS
CVE
CVE
added 2006/05/31 10:0 p.m.45 views

CVE-2006-2717

Affected software: Secure Elements Class 5 AVR client and server (C5 EVM) prior to 2.8.1. Vulnerability: authenticated attackers can overwrite arbitrary files (1) on a server during an update, or (2) on a client via modified pathnames, likely due to a directory traversal issue. Impact: potential ...

4CVSS6.6AI score0.01882EPSS
CVE
CVE
added 2006/05/31 10:0 p.m.43 views

CVE-2006-2716

CVE-2006-2716 affects the Secure Elements Class 5 AVR server (aka C5 EVM) prior to version 2.8.1. The vulnerability stems from a hard-coded user ID and password, which enables remote attackers to gain access to the server. The connected sources confirm the affected component and root cause as har...

7.5CVSS6.9AI score0.02151EPSS
CVE
CVE
added 2006/05/31 10:0 p.m.42 views

CVE-2006-2715

CVE-2006-2715 affects the Administration Console of Secure Elements Class 5 AVR (C5 EVM) prior to version 2.8.1. Root cause: access control is not enforced, enabling remote attackers to gain console access to servers. Impact is partial confidentiality/integrity/availability. Remediation: upgrade ...

7.5CVSS6.8AI score0.02151EPSS
CVE
CVE
added 2006/05/31 10:0 p.m.35 views

CVE-2006-2705

CVE-2006-2705 affects Secure Elements Class 5 AVR server (aka C5 EVM) prior to version 2.8.1. The vulnerability allows remote attackers to cause an unspecified denial of service through a flood of forged client registration messages. Connected documents do not add concrete technical details (affe...

5CVSS6.6AI score0.02169EPSS