Lucene search

K
cve[email protected]CVE-2010-0223
HistoryJan 07, 2010 - 7:30 p.m.

CVE-2010-0223

2010-01-0719:30:00
CWE-264
web.nvd.nist.gov
20
kingston
usb
drives
vulnerability
password replay
attack
security
cleartext
nvd

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.8 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.9%

Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives do not prevent password replay attacks, which allows physically proximate attackers to access the cleartext drive contents by providing a key that was captured in a USB data stream at an earlier time.

Affected configurations

NVD
Node
kingstondatatraveler_blackbox
OR
kingstondatatraveler_eliteprivacy
OR
kingstondatatraveler_secureprivacy

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.8 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.9%

Related for CVE-2010-0223