2 matches found
CVE-2021-36751
ENC DataVault 7.2.3 and before, and OEM versions, use an encryption algorithm that is vulnerable to data manipulation without knowledge of the key. This is called ciphertext malleability. There is no data integrity mechanism to detect this manipulation...
CVE-2021-36751
ENC DataVault 7.2.3 and earlier, including OEM versions, use a cryptographic algorithm vulnerable to ciphertext malleability, and lack a data-integrity check. An attacker could modify ciphertext, causing corresponding plaintext changes. The vulnerability is tied to ENC DataVault’s encryption choi...