CVE-2011-5117: Race Condition
First published: Fri Aug 24 2012(Updated: )
Sophos SafeGuard Enterprise Device Encryption 5.x through 5.50.8.13, Sophos SafeGuard Easy Device Encryption Client 5.50.x, and Sophos Disk Encryption 5.50.x have a delay before removal of (1) out-of-date credentials and (2) invalid credentials, which allows physically proximate attackers to defeat the full-disk encryption feature by leveraging knowledge of these credentials.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sophos SafeGuard Enterprise | =5.6 | |
| Sophos SafeGuard Enterprise | =5.35.0 | |
| Sophos SafeGuard Enterprise | =5.35.1 | |
| Sophos SafeGuard Enterprise | =5.35.2 | |
| Sophos SafeGuard Enterprise | =5.35.3 | |
| Sophos SafeGuard Enterprise | =5.40.0 | |
| Sophos SafeGuard Enterprise | =5.50.0 | |
| Sophos SafeGuard Enterprise | =5.50.1 | |
| Sophos SafeGuard Enterprise | =5.50.8 | |
| Sophos SafeGuard Easy Device Encryption Client | =5.50.0 | |
| Sophos SafeGuard Easy Device Encryption Client | =5.50.1 | |
| Sophos SafeGuard Easy Device Encryption Client | =5.50.8 | |
| Sophos Disk Encryption | =5.50.0 | |
| Sophos Disk Encryption | =5.50.1 | |
| Sophos Disk Encryption | =5.50.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2011-5117?
CVE-2011-5117 is classified as a medium-severity vulnerability due to the potential for local attackers to exploit the delay in credential removal.
How do I fix CVE-2011-5117?
To remediate CVE-2011-5117, it is advised to upgrade to the latest version of Sophos SafeGuard Enterprise Device Encryption, SafeGuard Easy Device Encryption Client, or Sophos Disk Encryption.
Which versions of Sophos software are affected by CVE-2011-5117?
CVE-2011-5117 affects Sophos SafeGuard Enterprise Device Encryption versions 5.35.0 to 5.50.8, SafeGuard Easy Device Encryption Client versions 5.50.0 to 5.50.8, and Sophos Disk Encryption versions 5.50.0 to 5.50.8.
What type of attack does CVE-2011-5117 facilitate?
CVE-2011-5117 allows physically proximate attackers to bypass security by exploiting a delay in credential updates.
Is there a patch available for CVE-2011-5117?
Yes, Sophos has released patches in the form of software updates for the affected products to address CVE-2011-5117.
- agent/first-publish-date
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/remedy
- agent/author
- agent/last-modified-date
- agent/severity
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/sophos
- canonical/sophos safeguard enterprise
- version/sophos safeguard enterprise/5.6
- version/sophos safeguard enterprise/5.35.0
- version/sophos safeguard enterprise/5.35.1
- version/sophos safeguard enterprise/5.35.2
- version/sophos safeguard enterprise/5.35.3
- version/sophos safeguard enterprise/5.40.0
- version/sophos safeguard enterprise/5.50.0
- version/sophos safeguard enterprise/5.50.1
- version/sophos safeguard enterprise/5.50.8
- canonical/sophos safeguard easy device encryption client
- version/sophos safeguard easy device encryption client/5.50.0
- version/sophos safeguard easy device encryption client/5.50.1
- version/sophos safeguard easy device encryption client/5.50.8
- canonical/sophos disk encryption
- version/sophos disk encryption/5.50.0
- version/sophos disk encryption/5.50.1
- version/sophos disk encryption/5.50.8