Search criteria
2 vulnerabilities found for enc_vaultapi by zendesk
CVE-2021-36750 (GCVE-0-2021-36750)
Vulnerability from nvd – Published: 2021-12-22 13:40 – Updated: 2024-08-04 01:01
VLAI?
Summary
ENC DataVault before 7.2 and VaultAPI v67 mishandle key derivation, making it easier for attackers to determine the passwords of all DataVault users (across USB drives sold under multiple brand names).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:01:59.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.encsecurity.com/solutions.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://encsecurity.zendesk.com/hc/en-us/articles/4413283717265-Update-for-ENC-Software"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.westerndigital.com/en-ap/support/product-security/wdc-21014-sandisk-secureaccess-software-update"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://pretalx.c3voc.de/rc3-2021-r3s/talk/QMYGR3/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ENC DataVault before 7.2 and VaultAPI v67 mishandle key derivation, making it easier for attackers to determine the passwords of all DataVault users (across USB drives sold under multiple brand names)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-02T15:07:40",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.encsecurity.com/solutions.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://encsecurity.zendesk.com/hc/en-us/articles/4413283717265-Update-for-ENC-Software"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.westerndigital.com/en-ap/support/product-security/wdc-21014-sandisk-secureaccess-software-update"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://pretalx.c3voc.de/rc3-2021-r3s/talk/QMYGR3/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-36750",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ENC DataVault before 7.2 and VaultAPI v67 mishandle key derivation, making it easier for attackers to determine the passwords of all DataVault users (across USB drives sold under multiple brand names)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.encsecurity.com/solutions.php",
"refsource": "MISC",
"url": "https://www.encsecurity.com/solutions.php"
},
{
"name": "https://encsecurity.zendesk.com/hc/en-us/articles/4413283717265-Update-for-ENC-Software",
"refsource": "MISC",
"url": "https://encsecurity.zendesk.com/hc/en-us/articles/4413283717265-Update-for-ENC-Software"
},
{
"name": "https://www.westerndigital.com/en-ap/support/product-security/wdc-21014-sandisk-secureaccess-software-update",
"refsource": "MISC",
"url": "https://www.westerndigital.com/en-ap/support/product-security/wdc-21014-sandisk-secureaccess-software-update"
},
{
"name": "https://pretalx.c3voc.de/rc3-2021-r3s/talk/QMYGR3/",
"refsource": "MISC",
"url": "https://pretalx.c3voc.de/rc3-2021-r3s/talk/QMYGR3/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-36750",
"datePublished": "2021-12-22T13:40:32",
"dateReserved": "2021-07-15T00:00:00",
"dateUpdated": "2024-08-04T01:01:59.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36750 (GCVE-0-2021-36750)
Vulnerability from cvelistv5 – Published: 2021-12-22 13:40 – Updated: 2024-08-04 01:01
VLAI?
Summary
ENC DataVault before 7.2 and VaultAPI v67 mishandle key derivation, making it easier for attackers to determine the passwords of all DataVault users (across USB drives sold under multiple brand names).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:01:59.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.encsecurity.com/solutions.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://encsecurity.zendesk.com/hc/en-us/articles/4413283717265-Update-for-ENC-Software"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.westerndigital.com/en-ap/support/product-security/wdc-21014-sandisk-secureaccess-software-update"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://pretalx.c3voc.de/rc3-2021-r3s/talk/QMYGR3/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ENC DataVault before 7.2 and VaultAPI v67 mishandle key derivation, making it easier for attackers to determine the passwords of all DataVault users (across USB drives sold under multiple brand names)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-02T15:07:40",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.encsecurity.com/solutions.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://encsecurity.zendesk.com/hc/en-us/articles/4413283717265-Update-for-ENC-Software"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.westerndigital.com/en-ap/support/product-security/wdc-21014-sandisk-secureaccess-software-update"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://pretalx.c3voc.de/rc3-2021-r3s/talk/QMYGR3/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-36750",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ENC DataVault before 7.2 and VaultAPI v67 mishandle key derivation, making it easier for attackers to determine the passwords of all DataVault users (across USB drives sold under multiple brand names)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.encsecurity.com/solutions.php",
"refsource": "MISC",
"url": "https://www.encsecurity.com/solutions.php"
},
{
"name": "https://encsecurity.zendesk.com/hc/en-us/articles/4413283717265-Update-for-ENC-Software",
"refsource": "MISC",
"url": "https://encsecurity.zendesk.com/hc/en-us/articles/4413283717265-Update-for-ENC-Software"
},
{
"name": "https://www.westerndigital.com/en-ap/support/product-security/wdc-21014-sandisk-secureaccess-software-update",
"refsource": "MISC",
"url": "https://www.westerndigital.com/en-ap/support/product-security/wdc-21014-sandisk-secureaccess-software-update"
},
{
"name": "https://pretalx.c3voc.de/rc3-2021-r3s/talk/QMYGR3/",
"refsource": "MISC",
"url": "https://pretalx.c3voc.de/rc3-2021-r3s/talk/QMYGR3/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-36750",
"datePublished": "2021-12-22T13:40:32",
"dateReserved": "2021-07-15T00:00:00",
"dateUpdated": "2024-08-04T01:01:59.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}