Описание
The Encrypt Files feature in ConeXware PowerArchiver before 14.02.05 uses legacy ZIP encryption even if the AES 256-bit selection is chosen, which makes it easier for context-dependent attackers to obtain sensitive information via a known-plaintext attack.
Уязвимые конфигурации
Конфигурация 1Версия до 14.02.03 (включая)
Одно из
cpe:2.3:a:powerarchiver:powerarchiver:*:*:*:*:*:*:*:*
cpe:2.3:a:powerarchiver:powerarchiver:14.00:*:*:*:*:*:*:*
cpe:2.3:a:powerarchiver:powerarchiver:14.01:*:*:*:*:*:*:*
cpe:2.3:a:powerarchiver:powerarchiver:14.02:*:*:*:*:*:*:*
EPSS
Процентиль: 34%
0.00141
Низкий
5 Medium
CVSS2
Дефекты
CWE-310
Связанные уязвимости
debian
почти 12 лет назад
The Encrypt Files feature in ConeXware PowerArchiver before 14.02.05 u ...
github
больше 3 лет назад
The Encrypt Files feature in ConeXware PowerArchiver before 14.02.05 uses legacy ZIP encryption even if the AES 256-bit selection is chosen, which makes it easier for context-dependent attackers to obtain sensitive information via a known-plaintext attack.
EPSS
Процентиль: 34%
0.00141
Низкий
5 Medium
CVSS2
Дефекты
CWE-310