Class 5 AVR client and server
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-2705 | 0.00 | — | 0.02 | May 31, 2006 | Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause an unspecified denial of service via a large number of forged client registration messages. | |||
| CVE-2006-2704 | 0.00 | — | 0.02 | May 31, 2006 | Secure Elements Class 5 AVR server and client (aka C5 EVM) before 2.8.1 send messages in cleartext, which allows remote attackers to read sensitive vulnerability information. | |||
| CVE-2006-2706 | 0.00 | — | 0.02 | May 31, 2006 | Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause a denial of service via forged "session start" messages that cause AVR to connect to arbitrary hosts. | |||
| CVE-2006-2716 | 0.00 | — | 0.02 | May 31, 2006 | Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 uses a hard-coded user ID and password, which allows remote attackers to gain access to the server. | |||
| CVE-2006-2707 | 0.00 | — | 0.01 | May 31, 2006 | Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 does not validate the peer certificate when obtaining an update, which could allow remote attackers to distribute malicious updates to clients. |
- CVE-2006-2705May 31, 2006risk 0.00cvss —epss 0.02
Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause an unspecified denial of service via a large number of forged client registration messages.
- CVE-2006-2704May 31, 2006risk 0.00cvss —epss 0.02
Secure Elements Class 5 AVR server and client (aka C5 EVM) before 2.8.1 send messages in cleartext, which allows remote attackers to read sensitive vulnerability information.
- CVE-2006-2706May 31, 2006risk 0.00cvss —epss 0.02
Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause a denial of service via forged "session start" messages that cause AVR to connect to arbitrary hosts.
- CVE-2006-2716May 31, 2006risk 0.00cvss —epss 0.02
Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 uses a hard-coded user ID and password, which allows remote attackers to gain access to the server.
- CVE-2006-2707May 31, 2006risk 0.00cvss —epss 0.01
Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 does not validate the peer certificate when obtaining an update, which could allow remote attackers to distribute malicious updates to clients.