CVE-2010-2306

CVE Database · CVE-2010-2306

CVE-2010-2306

· N/AModified

CVSS v3.1

N/A

EPSS

1.46%

Published

Jun 16, 2010

Modified

Apr 28, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle (MITM) attack.

Weaknesses (CWE)

CWE-16

Affected Products (4)

sourcefire · 3d1000vulnerable

sourcefire · 3d2000vulnerable

sourcefire · 3d9900vulnerable

sourcefire · dc1000vulnerable

References (16)

http://osvdb.org/65470

http://secunia.com/advisories/40143

Vendor Advisory

http://www.securityfocus.com/archive/1/511792/100/0/threaded