6.9
CVSSv2

CVE-2011-5117

Published: 24/08/2012 Updated: 24/08/2012
CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4
VMScore: 614
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Sophos SafeGuard Enterprise Device Encryption 5.x up to and including 5.50.8.13, Sophos SafeGuard Easy Device Encryption Client 5.50.x, and Sophos Disk Encryption 5.50.x have a delay before removal of (1) out-of-date credentials and (2) invalid credentials, which allows physically proximate malicious users to defeat the full-disk encryption feature by leveraging knowledge of these credentials.

Vulnerable Product Search on Vulmon Subscribe to Product

sophos safeguard enterprise device encryption 5.6

sophos safeguard enterprise device encryption 5.35.0

sophos safeguard enterprise device encryption 5.35.1

sophos safeguard enterprise device encryption 5.35.2

sophos safeguard enterprise device encryption 5.35.3

sophos safeguard enterprise device encryption 5.40.0

sophos safeguard enterprise device encryption 5.50.0

sophos safeguard enterprise device encryption 5.50.1

sophos safeguard enterprise device encryption 5.50.8

sophos safeguard easy device encryption client 5.50.0

sophos safeguard easy device encryption client 5.50.1

sophos safeguard easy device encryption client 5.50.8

sophos disk encryption 5.50.0

sophos disk encryption 5.50.1

sophos disk encryption 5.50.8