VYPR

3d Sensor

by Sourcefire

CVEs (2)

  • CVE-2009-2344Jul 7, 2009
    risk 0.04cvss epss 0.09

    The web-based management interfaces in Sourcefire Defense Center (DC) and 3D Sensor before 4.8.2 allow remote authenticated users to gain privileges via a $admin value for the admin parameter in an edit action to admin/user/user.cgi and unspecified other components.

  • CVE-2010-2306Jun 16, 2010
    risk 0.00cvss epss 0.01

    The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle (MITM) attack.