CVE-2013-6394

Percona XtraBackup before 2.1.6 uses a constant string for the initialization vector (IV), which makes it easier for local users to defeat cryptographic protection mechanisms and conduct plaintext attacks.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:percona:xtrabackup:*:*:*:*:*:*:*:*
cpe:2.3:a:percona:xtrabackup:2.1.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:percona:xtrabackup:2.1.0:beta1:*:*:*:*:*:*
cpe:2.3:a:percona:xtrabackup:2.1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:percona:xtrabackup:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:percona:xtrabackup:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:percona:xtrabackup:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:percona:xtrabackup:2.1.4:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2013-12-13 18:07

Updated : 2024-02-28 12:00


NVD link : CVE-2013-6394

Mitre link : CVE-2013-6394

CVE.ORG link : CVE-2013-6394


JSON object : View

Products Affected

percona

  • xtrabackup

opensuse

  • opensuse
CWE
CWE-310

Cryptographic Issues