[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97147

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2011-5117

Date: (C)2012-08-24   (M)2015-12-16 


Sophos SafeGuard Enterprise Device Encryption 5.x through 5.50.8.13, Sophos SafeGuard Easy Device Encryption Client 5.50.x, and Sophos Disk Encryption 5.50.x have a delay before removal of (1) out-of-date credentials and (2) invalid credentials, which allows physically proximate attackers to defeat the full-disk encryption feature by leveraging knowledge of these credentials.

CVSS Score: 6.9Access Vector: LOCAL
Exploit Score: 3.4Access Complexity: MEDIUM
Impact Score: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE





Reference:
http://www.sophos.com/en-us/support/knowledgebase/112655.aspx

CPE    15
cpe:/a:sophos:safeguard_easy_device_encryption_client:5.50.1
cpe:/a:sophos:safeguard_easy_device_encryption_client:5.50.0
cpe:/a:sophos:safeguard_enterprise_device_encryption:5.35.0
cpe:/a:sophos:safeguard_enterprise_device_encryption:5.50.8
...
CWE    1
CWE-362

© 2013 SecPod Technologies