Unrated severityNVD Advisory· Published Dec 13, 2013· Updated Apr 29, 2026

CVE-2013-6394

Description

Percona XtraBackup before 2.1.6 uses a constant string for the initialization vector (IV), which makes it easier for local users to defeat cryptographic protection mechanisms and conduct plaintext attacks.

Affected products

Percona/Xtrabackup8 versions
cpe:2.3:a:percona:xtrabackup:*:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:percona:xtrabackup:*:*:*:*:*:*:*:*range: <=2.1.5
- cpe:2.3:a:percona:xtrabackup:2.1.0:alpha1:*:*:*:*:*:*
- cpe:2.3:a:percona:xtrabackup:2.1.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:percona:xtrabackup:2.1.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:percona:xtrabackup:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:percona:xtrabackup:2.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:percona:xtrabackup:2.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:percona:xtrabackup:2.1.4:*:*:*:*:*:*:*
OpenSUSE/openSUSE
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000