CVE-2012-3006

Name of the Vulnerable Software and Affected Versions Innominate mGuard Smart HW versions before HW-101130 Innominate mGuard BD versions before BD-101030 Innominate mGuard industrial RS (affected versions not specified) Innominate mGuard delta HW versions before HW-103060 Innominate mGuard delta BD versions before BD-211010 Innominate mGuard PCI (affected versions not specified) Innominate mGuard blade (affected versions not specified) Innominate EAGLE mGuard appliances with software versions prior to 7.5.0

Description The issue is related to insufficient entropy for private keys, making it easier for man-in-the-middle attackers to spoof HTTPS or SSH servers by predicting a key value.

Recommendations For Innominate mGuard Smart HW versions before HW-101130, update to a version after HW-101130. For Innominate mGuard BD versions before BD-101030, update to a version after BD-101030. For Innominate mGuard industrial RS, Innominate mGuard PCI, and Innominate mGuard blade, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Innominate mGuard delta HW versions before HW-103060, update to a version after HW-103060. For Innominate mGuard delta BD versions before BD-211010, update to a version after BD-211010. For Innominate EAGLE mGuard appliances with software versions prior to 7.5.0, update to software version 7.5.0 or later.