My Cloud OS 5 was vulnerable to a pre-authenticated stack overflow vulnerability on the FTP service that could be exploited by unauthenticated attackers on the network. Addressed the vulnerability by adding defenses against stack overflow issues.
References
Link | Resource |
---|---|
https://www.westerndigital.com/support/product-security/wdc-22002-my-cloud-os5-firmware-5-19-117 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
12 Oct 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
Summary | My Cloud OS 5 was vulnerable to a pre-authenticated stack overflow vulnerability on the FTP service that could be exploited by unauthenticated attackers on the network. Addressed the vulnerability by adding defenses against stack overflow issues. |
21 Jan 2022, 17:00
Type | Values Removed | Values Added |
---|---|---|
First Time |
Westerndigital my Cloud Ex4100
Westerndigital my Cloud Mirror Gen 2 Westerndigital my Cloud Dl2100 Westerndigital my Cloud Ex2 Ultra Westerndigital my Cloud Pr2100 Westerndigital my Cloud Ex2100 Westerndigital my Cloud Dl4100 Westerndigital my Cloud Pr4100 Westerndigital my Cloud Westerndigital my Cloud Os Westerndigital Westerndigital wd Cloud |
|
CPE | cpe:2.3:h:westerndigital:my_cloud_mirror_gen_2:-:*:*:*:*:*:*:* cpe:2.3:o:westerndigital:my_cloud_os:*:*:*:*:*:*:*:* cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:* cpe:2.3:h:westerndigital:wd_cloud:-:*:*:*:*:*:*:* cpe:2.3:h:westerndigital:my_cloud:-:*:*:*:*:*:*:* cpe:2.3:h:westerndigital:my_cloud_ex2100:-:*:*:*:*:*:*:* cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:* cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:* cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:* cpe:2.3:h:westerndigital:my_cloud_dl2100:-:*:*:*:*:*:*:* cpe:2.3:h:westerndigital:my_cloud_dl4100:-:*:*:*:*:*:*:* |
|
References | (MISC) https://www.westerndigital.com/support/product-security/wdc-22002-my-cloud-os5-firmware-5-19-117 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
CWE | CWE-787 |
14 Jan 2022, 23:15
Type | Values Removed | Values Added |
---|---|---|
Summary | My Cloud OS 5 was vulnerable to a pre-authenticated stack overflow vulnerability on the FTP service. Addressed the vulnerability by adding defenses against stack overflow issues. |
13 Jan 2022, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-01-13 21:15
Updated : 2023-12-10 14:09
NVD link : CVE-2022-22989
Mitre link : CVE-2022-22989
CVE.ORG link : CVE-2022-22989
JSON object : View
Products Affected
westerndigital
- my_cloud_dl4100
- my_cloud_ex2100
- my_cloud_pr4100
- my_cloud_ex4100
- my_cloud
- my_cloud_mirror_gen_2
- my_cloud_os
- my_cloud_ex2_ultra
- wd_cloud
- my_cloud_dl2100
- my_cloud_pr2100