CVE-2010-0223

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed", "name": "https://www.ironkey.com/usb-flash-drive-flaw-exposed", "tags": [], "refsource": "MISC"}, {"url": "http://www.kingston.com/driveupdate/", "name": "http://www.kingston.com/driveupdate/", "tags": ["Vendor Advisory"], "refsource": "MISC"}, {"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf", "name": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf", "tags": [], "refsource": "MISC"}, {"url": "http://www.vupen.com/english/advisories/2010/0080", "name": "ADV-2010-0080", "tags": [], "refsource": "VUPEN"}, {"url": "http://www.syss.de/index.php?id=108&tx_ttnews[tt_news]=528&cHash=8d16fa63d9", "name": "http://www.syss.de/index.php?id=108&tx_ttnews[tt_news]=528&cHash=8d16fa63d9", "tags": [], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives do not prevent password replay attacks, which allows physically proximate attackers to access the cleartext drive contents by providing a key that was captured in a USB data stream at an earlier time."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-264"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2010-0223", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "LOW", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2010-01-07T19:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:kingston:datatraveler_secure:*:*:privacy:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:kingston:datatraveler_blackbox:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:kingston:datatraveler_elite:*:*:privacy:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-08-13T21:47Z"}