7.1

CVE-2012-3006

The Innominate mGuard Smart HW before HW-101130 and BD before BD-101030, mGuard industrial RS, mGuard delta HW before HW-103060 and BD before BD-211010, mGuard PCI, mGuard blade, and EAGLE mGuard appliances with software before 7.5.0 do not use a sufficient source of entropy for private keys, which makes it easier for man-in-the-middle attackers to spoof (1) HTTPS or (2) SSH servers by predicting a key value.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
InnominateMguard Firmware Version < 7.5.0
   InnominateEagle Mguard Bd-301010 Version-
   InnominateEagle Mguard Hw-201000 Version-
   InnominateMguard Blade Hw-104020 Version-
   InnominateMguard Blade Hw-104050 Version-
   InnominateMguard Delta Bd-201000 Version-
   InnominateMguard Delta Hw-103050 Version-
   InnominateMguard Industrial Rs Bd-501000 Version-
   InnominateMguard Industrial Rs Bd-501010 Version-
   InnominateMguard Industrial Rs Bd-501020 Version-
   InnominateMguard Industrial Rs Hw-105000 Version-
   InnominateMguard Pci Bd-111010 Version-
   InnominateMguard Pci Bd-111020 Version-
   InnominateMguard Pci Hw-102020 Version-
   InnominateMguard Pci Hw-102050 Version-
   InnominateMguard Smart Bd-101010 Version-
   InnominateMguard Smart Bd-101020 Version-
   InnominateMguard Smart Hw-101020 Version-
   InnominateMguard Smart Hw-101050 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.54% 0.649
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 3.9 10
AV:N/AC:H/Au:S/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.us-cert.gov/control_systems/pdf/ICSA-12-167-01.pdf
Third Party Advisory
US Government Resource
Broken Link