PT-2022-19868 · Western Digital · Western Digital My Cloud
Asim Rehman
·
Published
2022-12-09
·
Updated
2022-12-12
·
CVE-2022-29838
CVSS v3.1
4.6
Medium
| Vector | AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Western Digital My Cloud versions prior to 5.25.124
Description
The issue is related to an Improper Authentication vulnerability in the encrypted volumes and auto mount features of Western Digital My Cloud devices. This vulnerability allows insecure direct access to the drive information in the case of a device reset.
Recommendations
For Western Digital My Cloud versions prior to 5.25.124, update to version 5.25.124 or later to resolve the issue.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Western Digital My Cloud