exploitDog

CVE-2020-10951

Опубликовано: 15 апр. 2020

Источник: nvd

CVSS3: 4.7

CVSS2: 4.3

EPSS Низкий

Описание

Western Digital My Cloud Home and ibi devices before 2.2.0 allow clickjacking on sign-in pages.

Ссылки

https://support.wdc.com/downloads.aspx?g=907&lang=en
Release Notes
https://www.westerndigital.com/support/productsecurity/wdc-19012-my-cloud-home-and-ibi-portal-websites-clickjacking-vulnerability
Broken Link
Vendor Advisory
https://www.westerndigital.com/support/productsecurity/wdc-19012-my-cloud-home-and-ibi-websites-2-2-0
Vendor Advisory
https://www.westerndigital.com/support/productsecurity/wdc-19012-my-cloud-home-and-ibi-websites-2-2-0
Vendor Advisory
https://support.wdc.com/downloads.aspx?g=907&lang=en
Release Notes
https://www.westerndigital.com/support/productsecurity/wdc-19012-my-cloud-home-and-ibi-portal-websites-clickjacking-vulnerability
Broken Link
Vendor Advisory
https://www.westerndigital.com/support/productsecurity/wdc-19012-my-cloud-home-and-ibi-websites-2-2-0
Vendor Advisory
https://www.westerndigital.com/support/productsecurity/wdc-19012-my-cloud-home-and-ibi-websites-2-2-0
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:westerndigital:ibi:*:*:*:*:*:*:*:*

Версия до 2.2.0 (исключая)

cpe:2.3:a:westerndigital:my_cloud_home:*:*:*:*:*:*:*:*

Версия до 2.2.0 (исключая)

EPSS

Процентиль: 48%

0.00247

Низкий

4.7 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-1021

Связанные уязвимости

GHSA-g48c-wq65-9whh

CVSS3: 4.7

github

больше 3 лет назад

Western Digital My Cloud Home and ibi devices before 2.2.0 allow clickjacking on sign-in pages.

EPSS

Процентиль: 48%

0.00247

Низкий

4.7 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-1021