CVE-2021-36751

ENC DataVault 7.1.1W uses an inappropriate encryption algorithm, such that an attacker (who does not know the secret key) can make ciphertext modifications that are reflected in modified plaintext. There is no data integrity mechanism. (This behavior occurs across USB drives sold under multiple brand names.)
Configurations

Configuration 1 (hide)

cpe:2.3:a:encsecurity:datavault:*:*:*:*:*:*:*:*

History

25 Nov 2022, 05:15

Type Values Removed Values Added
References
  • (MISC) https://encsecurity.zendesk.com/hc/en-us/articles/7860771829533 -

Information

Published : 2022-01-02 16:15

Updated : 2022-11-25 05:15


NVD link : CVE-2021-36751

Mitre link : CVE-2021-36751


JSON object : View

Products Affected

encsecurity

  • datavault
CWE
CWE-326

Inadequate Encryption Strength

CWE-798

Use of Hard-coded Credentials