Описание
An improper privilege management issue that could allow an attacker to cause a denial of service over the OTA mechanism was discovered in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices.This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 9.4.0-191 (исключая)
Одновременно
cpe:2.3:o:westerndigital:my_cloud_home_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:my_cloud_home:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 9.4.0-191 (исключая)
Одновременно
cpe:2.3:o:westerndigital:my_cloud_home_duo_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:my_cloud_home_duo:-:*:*:*:*:*:*:*
Конфигурация 3Версия до 9.4.0-191 (исключая)
Одновременно
cpe:2.3:o:westerndigital:sandisk_ibi_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:sandisk_ibi:-:*:*:*:*:*:*:*
EPSS
Процентиль: 29%
0.00107
Низкий
4.4 Medium
CVSS3
7.5 High
CVSS3
Дефекты
CWE-400
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 4.4
github
больше 2 лет назад
An improper privilege management issue that could allow an attacker to cause a denial of service over the OTA mechanism was discovered in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices.This issue affects My Cloud Home and My Cloud Home Duo: through 9.4.0-191; ibi: through 9.4.0-191.
EPSS
Процентиль: 29%
0.00107
Низкий
4.4 Medium
CVSS3
7.5 High
CVSS3
Дефекты
CWE-400
NVD-CWE-noinfo