Secure Elements Information for VU#919345

Secure Elements Class 5 AVR server fails to validate source address of messages

Status

Affected

Vendor Statement

Remediation in C5 EVM version 2.8.1 and above

C5 EVM Sensor registrations are invalidated by the C5 EVM Server when the IP addresses of the Sensor registration request and corresponding Sensor survey do not match.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.