Launchpad.net

CVE 2013-6394

Percona XtraBackup before 2.1.6 uses a constant string for the initialization vector (IV), which makes it easier for local users to defeat cryptographic protection mechanisms and conduct plaintext attacks.

See the CVE page on Mitre.org for more details.