Vulnerability Details CVE-2011-5117
Sophos SafeGuard Enterprise Device Encryption 5.x through 5.50.8.13, Sophos SafeGuard Easy Device Encryption Client 5.50.x, and Sophos Disk Encryption 5.50.x have a delay before removal of (1) out-of-date credentials and (2) invalid credentials, which allows physically proximate attackers to defeat the full-disk encryption feature by leveraging knowledge of these credentials.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.4%
CVSS Severity
CVSS v2 Score 6.9
References
Products affected by CVE-2011-5117
-
cpe:2.3:a:sophos:disk_encryption:5.50.0
-
cpe:2.3:a:sophos:disk_encryption:5.50.1
-
cpe:2.3:a:sophos:disk_encryption:5.50.8
-
cpe:2.3:a:sophos:safeguard_easy_device_encryption_client:5.50.0
-
cpe:2.3:a:sophos:safeguard_easy_device_encryption_client:5.50.1
-
cpe:2.3:a:sophos:safeguard_easy_device_encryption_client:5.50.8
-
cpe:2.3:a:sophos:safeguard_enterprise_device_encryption:5.35.0
-
cpe:2.3:a:sophos:safeguard_enterprise_device_encryption:5.35.1
-
cpe:2.3:a:sophos:safeguard_enterprise_device_encryption:5.35.2
-
cpe:2.3:a:sophos:safeguard_enterprise_device_encryption:5.35.3
-
cpe:2.3:a:sophos:safeguard_enterprise_device_encryption:5.40.0
-
cpe:2.3:a:sophos:safeguard_enterprise_device_encryption:5.50.0
-
cpe:2.3:a:sophos:safeguard_enterprise_device_encryption:5.50.1
-
cpe:2.3:a:sophos:safeguard_enterprise_device_encryption:5.50.8
-
cpe:2.3:a:sophos:safeguard_enterprise_device_encryption:5.6