Vulnerabilities > CVE-2010-0229 - Credentials Management vulnerability in Verbatim Corporate Secure

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

verbatim

CWE-255

NVD

Published: 2010-01-07

Updated: 2010-01-08

Summary

Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash drives do not prevent password replay attacks, which allows physically proximate attackers to access the cleartext drive contents by providing a key that was captured in a USB data stream at an earlier time.

Vulnerable Configurations

Part	Description	Count
Hardware	Verbatim Verbatim Corporate Secure *	2

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

References

http://www.verbatim.com/security/security-update.cfm
https://www.ironkey.com/usb-flash-drive-flaw-exposed