Loading
Percona XtraBackup before 2.1.6 uses a constant string for the initialization vector (IV), which makes it easier for local users to defeat cryptographic protection mechanisms and conduct plaintext attacks.
Cite this page
CVE-2013-6394. CVEDatabase.com. Retrieved 1 May 2026. https://cvedatabase.com/cve/CVE-2013-6394
Use CWE-310, Percona vendor hub and Xtrabackup product page to widen CVE-2013-6394 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2022-25834, CVE-2022-26944 and CVE-2020-10997 for nearby disclosures in the same product family.