cbcvebase.
CVE-2010-3074
published 2010-09-17

CVE-2010-3074: SSL_Cipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to…

PriorityP44low2.1CVSS 2.0
AVLACLAuNCPINAN
EPSS
0.39%
30.4th percentile
SSL_Cipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a watermark attack.

Affected

10 ranges
VendorProductVersion rangeFixed in
arg0encfs<= 1.6.0
arg0encfs
arg0encfs
arg0encfs
arg0encfs
arg0encfs
arg0encfs>= 0 < 1.7.2-11.7.2-1
arg0encfs>= 0 < 1.7.2-11.7.2-1
arg0encfs>= 0 < 1.7.2-11.7.2-1
debianencfs< encfs 1.7.2-1 (bookworm)encfs 1.7.2-1 (bookworm)

CVSS provenance

nvdv2.02.1LOWAV:L/AC:L/Au:N/C:P/I:N/A:N
osv2.1LOW
vendor_debian2.1LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.