CVE-2015-2906 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2015-2906 Interim 1 13 2025-11-05T04:52:35Z current 2022-07-12T01:44:05Z 2025-11-05T04:52:35Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2015-2906 Mobile Devices (aka MDI) C4 OBD-II dongles with firmware 2.x and 3.4.x, as used in Metromile Pulse and other products, store SSH private keys that are the same across different customers' installations, which makes it easier for remote attackers to obtain access by leveraging knowledge of a private key from another installation. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings HPE Helion OpenStack 8 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Server 11 SP1 for Teradata SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server Teradata 12 SP3 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 java-1_6_0-ibm java-1_6_0-ibm-fonts java-1_6_0-ibm-jdbc java-1_6_0-ibm-plugin libxerces-c-3_1 libxerces-c-3_1-32bit xerces-c libxerces-c-3_1 as a component of HPE Helion OpenStack 8 libxerces-c-3_1-32bit as a component of HPE Helion OpenStack 8 xerces-c as a component of HPE Helion OpenStack 8 xerces-c as a component of SUSE Linux Enterprise High Performance Computing 12 SP5 java-1_6_0-ibm as a component of SUSE Linux Enterprise Module for Legacy 12 java-1_6_0-ibm-fonts as a component of SUSE Linux Enterprise Module for Legacy 12 java-1_6_0-ibm-jdbc as a component of SUSE Linux Enterprise Module for Legacy 12 java-1_6_0-ibm-plugin as a component of SUSE Linux Enterprise Module for Legacy 12 java-1_6_0-ibm as a component of SUSE Linux Enterprise Server 11 SP1 for Teradata libxerces-c-3_1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL libxerces-c-3_1-32bit as a component of SUSE Linux Enterprise Server 12 SP2-BCL xerces-c as a component of SUSE Linux Enterprise Server 12 SP2-BCL libxerces-c-3_1 as a component of SUSE Linux Enterprise Server 12 SP3-BCL libxerces-c-3_1-32bit as a component of SUSE Linux Enterprise Server 12 SP3-BCL xerces-c as a component of SUSE Linux Enterprise Server 12 SP3-BCL libxerces-c-3_1 as a component of SUSE Linux Enterprise Server 12 SP3-ESPOS libxerces-c-3_1-32bit as a component of SUSE Linux Enterprise Server 12 SP3-ESPOS xerces-c as a component of SUSE Linux Enterprise Server 12 SP3-ESPOS libxerces-c-3_1 as a component of SUSE Linux Enterprise Server 12 SP3-LTSS libxerces-c-3_1-32bit as a component of SUSE Linux Enterprise Server 12 SP3-LTSS xerces-c as a component of SUSE Linux Enterprise Server 12 SP3-LTSS libxerces-c-3_1 as a component of SUSE Linux Enterprise Server 12 SP4-ESPOS libxerces-c-3_1-32bit as a component of SUSE Linux Enterprise Server 12 SP4-ESPOS xerces-c as a component of SUSE Linux Enterprise Server 12 SP4-ESPOS libxerces-c-3_1 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS libxerces-c-3_1-32bit as a component of SUSE Linux Enterprise Server 12 SP4-LTSS xerces-c as a component of SUSE Linux Enterprise Server 12 SP4-LTSS libxerces-c-3_1 as a component of SUSE Linux Enterprise Server 12 SP5 libxerces-c-3_1-32bit as a component of SUSE Linux Enterprise Server 12 SP5 xerces-c as a component of SUSE Linux Enterprise Server 12 SP5 xerces-c as a component of SUSE Linux Enterprise Server Teradata 12 SP3 libxerces-c-3_1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 libxerces-c-3_1-32bit as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 xerces-c as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 libxerces-c-3_1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 libxerces-c-3_1-32bit as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 xerces-c as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 xerces-c as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libxerces-c-3_1 as a component of SUSE OpenStack Cloud 8 libxerces-c-3_1-32bit as a component of SUSE OpenStack Cloud 8 xerces-c as a component of SUSE OpenStack Cloud 8 libxerces-c-3_1 as a component of SUSE OpenStack Cloud 9 libxerces-c-3_1-32bit as a component of SUSE OpenStack Cloud 9 xerces-c as a component of SUSE OpenStack Cloud 9 libxerces-c-3_1 as a component of SUSE OpenStack Cloud Crowbar 8 libxerces-c-3_1-32bit as a component of SUSE OpenStack Cloud Crowbar 8 xerces-c as a component of SUSE OpenStack Cloud Crowbar 8 libxerces-c-3_1 as a component of SUSE OpenStack Cloud Crowbar 9 libxerces-c-3_1-32bit as a component of SUSE OpenStack Cloud Crowbar 9 xerces-c as a component of SUSE OpenStack Cloud Crowbar 9 Mobile Devices (aka MDI) C4 OBD-II dongles with firmware 2.x and 3.4.x, as used in Metromile Pulse and other products, store SSH private keys that are the same across different customers' installations, which makes it easier for remote attackers to obtain access by leveraging knowledge of a private key from another installation. CVE-2015-2906 HPE Helion OpenStack 8:libxerces-c-3_1 HPE Helion OpenStack 8:libxerces-c-3_1-32bit HPE Helion OpenStack 8:xerces-c SUSE Linux Enterprise High Performance Computing 12 SP5:xerces-c SUSE Linux Enterprise Server 12 SP2-BCL:libxerces-c-3_1 SUSE Linux Enterprise Server 12 SP2-BCL:libxerces-c-3_1-32bit SUSE Linux Enterprise Server 12 SP2-BCL:xerces-c SUSE Linux Enterprise Server 12 SP3-BCL:libxerces-c-3_1 SUSE Linux Enterprise Server 12 SP3-BCL:libxerces-c-3_1-32bit SUSE Linux Enterprise Server 12 SP3-BCL:xerces-c SUSE Linux Enterprise Server 12 SP3-ESPOS:libxerces-c-3_1 SUSE Linux Enterprise Server 12 SP3-ESPOS:libxerces-c-3_1-32bit SUSE Linux Enterprise Server 12 SP3-ESPOS:xerces-c SUSE Linux Enterprise Server 12 SP3-LTSS:libxerces-c-3_1 SUSE Linux Enterprise Server 12 SP3-LTSS:libxerces-c-3_1-32bit SUSE Linux Enterprise Server 12 SP3-LTSS:xerces-c SUSE Linux Enterprise Server 12 SP4-ESPOS:libxerces-c-3_1 SUSE Linux Enterprise Server 12 SP4-ESPOS:libxerces-c-3_1-32bit SUSE Linux Enterprise Server 12 SP4-ESPOS:xerces-c SUSE Linux Enterprise Server 12 SP4-LTSS:libxerces-c-3_1 SUSE Linux Enterprise Server 12 SP4-LTSS:libxerces-c-3_1-32bit SUSE Linux Enterprise Server 12 SP4-LTSS:xerces-c SUSE Linux Enterprise Server 12 SP5:libxerces-c-3_1 SUSE Linux Enterprise Server 12 SP5:libxerces-c-3_1-32bit SUSE Linux Enterprise Server 12 SP5:xerces-c SUSE Linux Enterprise Server Teradata 12 SP3:xerces-c SUSE Linux Enterprise Server for SAP Applications 12 SP3:libxerces-c-3_1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libxerces-c-3_1-32bit SUSE Linux Enterprise Server for SAP Applications 12 SP3:xerces-c SUSE Linux Enterprise Server for SAP Applications 12 SP4:libxerces-c-3_1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libxerces-c-3_1-32bit SUSE Linux Enterprise Server for SAP Applications 12 SP4:xerces-c SUSE Linux Enterprise Server for SAP Applications 12 SP5:xerces-c SUSE OpenStack Cloud 8:libxerces-c-3_1 SUSE OpenStack Cloud 8:libxerces-c-3_1-32bit SUSE OpenStack Cloud 8:xerces-c SUSE OpenStack Cloud 9:libxerces-c-3_1 SUSE OpenStack Cloud 9:libxerces-c-3_1-32bit SUSE OpenStack Cloud 9:xerces-c SUSE OpenStack Cloud Crowbar 8:libxerces-c-3_1 SUSE OpenStack Cloud Crowbar 8:libxerces-c-3_1-32bit SUSE OpenStack Cloud Crowbar 8:xerces-c SUSE OpenStack Cloud Crowbar 9:libxerces-c-3_1 SUSE OpenStack Cloud Crowbar 9:libxerces-c-3_1-32bit SUSE OpenStack Cloud Crowbar 9:xerces-c important 9 AV:N/AC:L/Au:S/C:C/I:C/A:C