Main Vulnerability Database Vulnerabilities #VU69921

#VU69921 Insufficiently protected credentials in Western Digital products - CVE-2022-29839

Published: December 6, 2022

Vulnerability identifier: #VU69921

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2022-29839

CWE-ID: CWE-522

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
My Cloud PR2100
My Cloud PR4100
My Cloud EX4100
My Cloud EX2 Ultra
My Cloud Mirror G2
My Cloud DL2100
My Cloud DL4100
My Cloud EX2100
WD Cloud
My Cloud
My Cloud OS 5

Software vendor:
Western Digital

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to insufficiently protected credentials. A remote attacker can gain access protected data.

Remediation

Install updates from vendor's website.

External links

https://www.westerndigital.com/support/product-security/wdc-22019-my-cloud-firmware-version-5-25-124

#VU69921 Insufficiently protected credentials in Western Digital products - CVE-2022-29839

Description

Remediation

External links

Please verify you're human