Page 14 of 83 results (0.003 seconds)

CVSS: 7.5EPSS: 0%CPEs: 40EXPL: 0

Western Digital SanDisk X600 devices in certain configurations, a vulnerability in the access control mechanism of the drive may allow data to be decrypted without knowledge of proper authentication credentials. Un dispositivo Western Digital SanDisk X600, en determinadas configuraciones, una vulnerabilidad en el mecanismo de control de acceso de la unidad puede permitir a los datos ser descifrados sin conocimiento de las credenciales de autenticación apropiadas. • https://support.wdc.com/cat_products.aspx?ID=6&lang=en https://www.westerndigital.com/support/productsecurity/wdc-19006-sandisk-x600-sata-ssd https://www.westerndigital.com/support/productsecurity/wdc-19007-sandisk-x300-x400-sata-ssd • CWE-522: Insufficiently Protected Credentials •

CVSS: 6.3EPSS: 0%CPEs: 118EXPL: 0

Western Digital SanDisk SanDisk X300, X300s, X400, and X600 devices: The firmware update authentication method relies on a symmetric HMAC digest. The key used to validate this digest is present in a protected area of the device, and if extracted could be used to install arbitrary firmware to other devices. Los dispositivos Western Digital SanDisk X300, X300s, X400 y X600: El método de autenticación de la actualización de firmware se basa en un resumen simétrico de HMAC. La clave utilizada para comprobar este resumen está presente en un área protegida del dispositivo y, si es extraída, podría ser usada para instalar un firmware arbitrario en otros dispositivos. • https://support.wdc.com/cat_products.aspx?ID=6&lang=en https://www.westerndigital.com/support/productsecurity/wdc-19006-sandisk-x600-sata-ssd https://www.westerndigital.com/support/productsecurity/wdc-19007-sandisk-x300-x400-sata-ssd • CWE-522: Insufficiently Protected Credentials •

CVSS: 5.5EPSS: 0%CPEs: 118EXPL: 0

Western Digital SanDisk X300, X300s, X400, and X600 devices: A vulnerability in the wear-leveling algorithm of the drive may cause cryptographically sensitive parameters (such as data encryption keys) to remain on the drive media after their intended erasure. Los dispositivos Western Digital SanDisk X300, X300s, X400 y X600: Una vulnerabilidad en el algoritmo wear-leveling de la unidad puede causar que los parámetros sensibles criptográficamente (como las claves de cifrado de datos) permanezcan en el medio de la unidad después de su borrado previsto. • https://support.wdc.com/downloads.aspx?g=907&lang=en https://www.westerndigital.com/support/productsecurity/wdc-19006-sandisk-x600-sata-ssd https://www.westerndigital.com/support/productsecurity/wdc-19007-sandisk-x300-x400-sata-s • CWE-522: Insufficiently Protected Credentials •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

Western Digital mycloud.com before Web Version 2.2.0-134 allows XSS. Western Digital mycloud.com anterior a la Versión Web 2.2.0-134, permite un ataque de tipo XSS. • https://support.wdc.com/downloads.aspx?g=907&lang=en#downloads https://www.westerndigital.com/support/productsecurity/wdc-20003-mycloud-site-version-2-2-0-134 https://www.westerndigital.com/support/productsecurity/wdc-20003-mycloud-xss-vulnerability • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

Western Digital WesternDigitalSSDDashboardSetup.exe before 3.0.2.0 allows DLL Hijacking. Western Digital WesternDigitalSSDDashboardSetup.exe versiones anteriores a 3.0.2.0, permite el secuestro de DLL. • https://support.wdc.com/downloads.aspx?g=907&lang=en#downloads https://www.westerndigital.com/support/productsecurity/wdc-20001-ssd-dashboard-setup-privilege-escalation • CWE-427: Uncontrolled Search Path Element •