CVE-2010-0226

EPSS 0.08%
Published 07.01.2010 19:30:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

SanDisk Cruzer Enterprise USB flash drives do not prevent password replay attacks, which allows physically proximate attackers to access the cleartext drive contents by providing a key that was captured in a USB data stream at an earlier time.

Affected products Warnungen 0 Metrics 2 CWE 0 References 9

Data is provided by the National Vulnerability Database (NVD)

Sandisk ≫ Cruzer Enterprise Usb

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.08%	0.209

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

http://www.syss.de/index.php?id=108&tx_ttnews%5Btt_news%5D=528&cHash=8d16fa63d9

https://www.ironkey.com/usb-flash-drive-flaw-exposed

http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009

Vendor Advisory

http://www.securityfocus.com/bid/37677

http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf

http://www.vupen.com/english/advisories/2010/0078

https://nvd.nist.gov/vuln/detail/CVE-2010-0226

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-0226

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-0226

EUVD