CVE-2010-2306 - OpenCVE

The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle (MITM) attack.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:A/AC:M/Au:N/C:P/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sourcefire	3d1000 3d2000 3d9900 Dc1000

Configuration 1 [-]

OR	cpe:2.3:h:sourcefire:3d1000::::::::
	cpe:2.3:h:sourcefire:3d2000::::::::
	cpe:2.3:h:sourcefire:3d9900::::::::

Configuration 2 [-]

cpe:2.3:h:sourcefire:dc1000:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://osvdb.org/65470
http://secunia.com/advisories/40143
http://www.securityfocus.com/archive/1/511792/100/0/threaded
http://www.securitytracker.com/id?1024092
http://www.vupen.com/english/advisories/2010/1438
http://www.zerodayinitiative.com/advisories/ZDI-10-107/
https://exchange.xforce.ibmcloud.com/vulnerabilities/59380
https://support.sourcefire.com/notices/notice/1437

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-06-16T20:00:00

Updated: 2024-08-07T02:32:15.528Z

Reserved: 2010-06-16T00:00:00

Link: CVE-2010-2306

Vulnrichment

No data.

NVD

Status : Modified

Published: 2010-06-16T20:30:02.670

Modified: 2018-10-10T19:59:31.370

Link: CVE-2010-2306

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-06-10T00:00:00", "descriptions": [{"lang": "en", "value": "The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle (MITM) attack."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "65470", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/65470"}, {"tags": ["x_refsource_MISC"], "url": "https://support.sourcefire.com/notices/notice/1437"}, {"name": "40143", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/40143"}, {"name": "1024092", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1024092"}, {"tags": ["x_refsource_MISC"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-107/"}, {"name": "ADV-2010-1438", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/1438"}, {"name": "20100610 ZDI-10-107: Multiple Sourcefire Products Static Web SSL Keys Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/511792/100/0/threaded"}, {"name": "sourcefire3d-ssl-mitm(59380)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59380"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-2306", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle (MITM) attack."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "65470", "refsource": "OSVDB", "url": "http://osvdb.org/65470"}, {"name": "https://support.sourcefire.com/notices/notice/1437", "refsource": "MISC", "url": "https://support.sourcefire.com/notices/notice/1437"}, {"name": "40143", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/40143"}, {"name": "1024092", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1024092"}, {"name": "http://www.zerodayinitiative.com/advisories/ZDI-10-107/", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-107/"}, {"name": "ADV-2010-1438", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/1438"}, {"name": "20100610 ZDI-10-107: Multiple Sourcefire Products Static Web SSL Keys Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/511792/100/0/threaded"}, {"name": "sourcefire3d-ssl-mitm(59380)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59380"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T02:32:15.528Z"}, "title": "CVE Program Container", "references": [{"name": "65470", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/65470"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.sourcefire.com/notices/notice/1437"}, {"name": "40143", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/40143"}, {"name": "1024092", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1024092"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-107/"}, {"name": "ADV-2010-1438", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/1438"}, {"name": "20100610 ZDI-10-107: Multiple Sourcefire Products Static Web SSL Keys Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/511792/100/0/threaded"}, {"name": "sourcefire3d-ssl-mitm(59380)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59380"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-2306", "datePublished": "2010-06-16T20:00:00", "dateReserved": "2010-06-16T00:00:00", "dateUpdated": "2024-08-07T02:32:15.528Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:sourcefire:3d1000:*:*:*:*:*:*:*:*", "matchCriteriaId": "436CD187-D7EE-4510-8E69-928E5AA60652", "vulnerable": true}, {"criteria": "cpe:2.3:h:sourcefire:3d2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "96BD8C30-7CE0-4A10-A584-D536A0516464", "vulnerable": true}, {"criteria": "cpe:2.3:h:sourcefire:3d9900:*:*:*:*:*:*:*:*", "matchCriteriaId": "43A19CAD-5467-4C22-8D36-BC13619C3BF3", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:sourcefire:dc1000:*:*:*:*:*:*:*:*", "matchCriteriaId": "376A9BCB-5559-4F6A-9188-A8C457214527", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle (MITM) attack."}, {"lang": "es", "value": "La instalaci\u00f3n por defecto de Sourcefire 3D Sensor 1000, 2000, y 9900 y Defense Center 1000, usa la misma clave est\u00e1tica/privada por defecto en instalaciones m\u00faltiples de ese dispositivo, lo que permite a atacantes remotos capturar y descifrar el tr\u00e1fico SSL a trav\u00e9s de un ataque de hombre-en-el-medio (Man-in-the-midlle)."}], "id": "CVE-2010-2306", "lastModified": "2018-10-10T19:59:31.370", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 5.5, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-06-16T20:30:02.670", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/65470"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/40143"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/511792/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1024092"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/1438"}, {"source": "cve@mitre.org", "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-107/"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59380"}, {"source": "cve@mitre.org", "url": "https://support.sourcefire.com/notices/notice/1437"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-16"}], "source": "nvd@nist.gov", "type": "Primary"}]}