{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-01-04T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the cleartext drive contents via a modified program."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.kingston.com/driveupdate/"}, {"tags": ["x_refsource_MISC"], "url": "http://www.syss.de/index.php?id=108&tx_ttnews%5Btt_news%5D=528&cHash=8d16fa63d9"}, {"name": "1023410", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1023410"}, {"tags": ["x_refsource_MISC"], "url": "http://it.slashdot.org/story/10/01/05/1734242/"}, {"tags": ["x_refsource_MISC"], "url": "http://news.zdnet.co.uk/security/0%2C1000000189%2C39963327%2C00.htm"}, {"tags": ["x_refsource_MISC"], "url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"}, {"tags": ["x_refsource_MISC"], "url": "http://blogs.zdnet.com/hardware/?p=6655"}, {"name": "kingston-access-control-sec-bypass(55477)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55477"}, {"tags": ["x_refsource_MISC"], "url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"}, {"name": "ADV-2010-0080", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/0080"}, {"tags": ["x_refsource_MISC"], "url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-0221", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the cleartext drive contents via a modified program."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.kingston.com/driveupdate/", "refsource": "MISC", "url": "http://www.kingston.com/driveupdate/"}, {"name": "http://www.syss.de/index.php?id=108&tx_ttnews[tt_news]=528&cHash=8d16fa63d9", "refsource": "MISC", "url": "http://www.syss.de/index.php?id=108&tx_ttnews[tt_news]=528&cHash=8d16fa63d9"}, {"name": "1023410", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1023410"}, {"name": "http://it.slashdot.org/story/10/01/05/1734242/", "refsource": "MISC", "url": "http://it.slashdot.org/story/10/01/05/1734242/"}, {"name": "http://news.zdnet.co.uk/security/0,1000000189,39963327,00.htm", "refsource": "MISC", "url": "http://news.zdnet.co.uk/security/0,1000000189,39963327,00.htm"}, {"name": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html", "refsource": "MISC", "url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"}, {"name": "http://blogs.zdnet.com/hardware/?p=6655", "refsource": "MISC", "url": "http://blogs.zdnet.com/hardware/?p=6655"}, {"name": "kingston-access-control-sec-bypass(55477)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55477"}, {"name": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf", "refsource": "MISC", "url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"}, {"name": "ADV-2010-0080", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/0080"}, {"name": "https://www.ironkey.com/usb-flash-drive-flaw-exposed", "refsource": "MISC", "url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T00:45:10.630Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.kingston.com/driveupdate/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.syss.de/index.php?id=108&tx_ttnews%5Btt_news%5D=528&cHash=8d16fa63d9"}, {"name": "1023410", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1023410"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://it.slashdot.org/story/10/01/05/1734242/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://news.zdnet.co.uk/security/0%2C1000000189%2C39963327%2C00.htm"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://blogs.zdnet.com/hardware/?p=6655"}, {"name": "kingston-access-control-sec-bypass(55477)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55477"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"}, {"name": "ADV-2010-0080", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/0080"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-0221", "datePublished": "2010-01-07T19:00:00.000Z", "dateReserved": "2010-01-07T00:00:00.000Z", "dateUpdated": "2024-08-07T00:45:10.630Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:kingston:datatraveler_blackbox:*:*:*:*:*:*:*:*", "matchCriteriaId": "EBB91653-9096-47B8-9238-3F11F70979F6", "vulnerable": true}, {"criteria": "cpe:2.3:h:kingston:datatraveler_elite:*:*:privacy:*:*:*:*:*", "matchCriteriaId": "6EC727F1-07ED-4FA1-B7F9-3F0499ABE62A", "vulnerable": true}, {"criteria": "cpe:2.3:h:kingston:datatraveler_secure:*:*:privacy:*:*:*:*:*", "matchCriteriaId": "6B7C3258-1FD3-490C-85A3-42EA85AB2664", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the cleartext drive contents via a modified program."}, {"lang": "es", "value": "Los dispositivos USB Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) validan las contrase\u00f1as con un programa que se ejecuta en el ordenador anfitri\u00f3n y no en el propio dispositivo, lo que permite a atacantes cercanos f\u00edsicamente, acceder a los contenidos del dispositivo mediante un programa modificado."}], "id": "CVE-2010-0221", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-01-07T19:30:00.463", "references": [{"source": "cve@mitre.org", "url": "http://blogs.zdnet.com/hardware/?p=6655"}, {"source": "cve@mitre.org", "url": "http://it.slashdot.org/story/10/01/05/1734242/"}, {"source": "cve@mitre.org", "url": "http://news.zdnet.co.uk/security/0%2C1000000189%2C39963327%2C00.htm"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1023410"}, {"source": "cve@mitre.org", "url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.kingston.com/driveupdate/"}, {"source": "cve@mitre.org", "url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"}, {"source": "cve@mitre.org", "url": "http://www.syss.de/index.php?id=108&tx_ttnews%5Btt_news%5D=528&cHash=8d16fa63d9"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/0080"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55477"}, {"source": "cve@mitre.org", "url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://blogs.zdnet.com/hardware/?p=6655"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://it.slashdot.org/story/10/01/05/1734242/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://news.zdnet.co.uk/security/0%2C1000000189%2C39963327%2C00.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1023410"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.kingston.com/driveupdate/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.syss.de/index.php?id=108&tx_ttnews%5Btt_news%5D=528&cHash=8d16fa63d9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/0080"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55477"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}