CVE-2011-5117 Information

Description

Sophos SafeGuard Enterprise Device Encryption 5.x through 5.50.8.13 Sophos SafeGuard Easy Device Encryption Client 5.50.x and Sophos Disk Encryption 5.50.x have a delay before removal of (1) out-of-date credentials and (2) invalid credentials which allows physically proximate attackers to defeat the full-disk encryption feature by leveraging knowledge of these credentials.

Reference

http://www.sophos.com/en-us/support/knowledgebase/112655.aspx