PT-2010-3892 · Sourcefire · Sourcefire 3D Sensor, Sourcefire Defense Center
Published: 2010-06-16 · Updated: 2018-10-10
CVE-2010-2306
CVSS v2.0: 4.3 (Medium)
Vector: AV:A/AC:M/Au:N/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions
Sourcefire 3D Sensor versions 1000, 2000, and 9900
Sourcefire Defense Center version 1000
Description
The issue allows remote attackers to decrypt SSL traffic via a man-in-the-middle (MITM) attack due to the use of the same static, private SSL keys for multiple devices and installations.
Recommendations
For Sourcefire 3D Sensor versions 1000, 2000, and 9900, regenerate unique SSL keys for each device.
For Sourcefire Defense Center version 1000, regenerate unique SSL keys for each installation.
As a temporary workaround, consider restricting access to sensitive data transmitted over SSL until unique keys are generated.
Affected Products
Sourcefire 3D Sensor
Sourcefire Defense Center