Vulnerability Details CVE-2019-13466
Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 have Incorrect Access Control. The “generate reports” archive is protected with a hard-coded password. An application update that addresses the protection of archive encryption is available.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.0%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://support.wdc.com/downloads.aspx?g=907&lang=en
- https://www.westerndigital.com/support/productsecurity/wdc-19009-sandisk-and-western-digital-ssd-dashboard-vulnerabilities
- https://support.wdc.com/downloads.aspx?g=907&lang=en
- https://www.westerndigital.com/support/productsecurity/wdc-19009-sandisk-and-western-digital-ssd-dashboard-vulnerabilities
Products affected by CVE-2019-13466
-
cpe:2.3:a:sandisk:ssd_dashboard:-
-
cpe:2.3:a:sandisk:ssd_dashboard:1.0.0
-
cpe:2.3:a:sandisk:ssd_dashboard:1.0.1
-
cpe:2.3:a:sandisk:ssd_dashboard:1.0.2
-
cpe:2.3:a:sandisk:ssd_dashboard:1.0.3
-
cpe:2.3:a:sandisk:ssd_dashboard:1.1.0
-
cpe:2.3:a:sandisk:ssd_dashboard:1.1.1
-
cpe:2.3:a:sandisk:ssd_dashboard:1.2.0
-
cpe:2.3:a:sandisk:ssd_dashboard:1.3.0
-
cpe:2.3:a:sandisk:ssd_dashboard:1.4.0
-
cpe:2.3:a:sandisk:ssd_dashboard:1.4.1
-
cpe:2.3:a:sandisk:ssd_dashboard:1.4.2
-
cpe:2.3:a:sandisk:ssd_dashboard:1.4.3
-
cpe:2.3:a:sandisk:ssd_dashboard:1.4.4.4
-
cpe:2.3:a:sandisk:ssd_dashboard:2.3.1.0
-
cpe:2.3:a:sandisk:ssd_dashboard:2.3.2.0
-
cpe:2.3:a:sandisk:ssd_dashboard:2.3.2.4
-
cpe:2.3:a:sandisk:ssd_dashboard:2.3.3.0
-
cpe:2.3:a:westerndigital:ssd_dashboard:-
-
cpe:2.3:a:westerndigital:ssd_dashboard:1.4.3.8
-
cpe:2.3:a:westerndigital:ssd_dashboard:1.4.4.5
-
cpe:2.3:a:westerndigital:ssd_dashboard:2.0.1.0
-
cpe:2.3:a:westerndigital:ssd_dashboard:2.2.0.0
-
cpe:2.3:a:westerndigital:ssd_dashboard:2.2.0.1
-
cpe:2.3:a:westerndigital:ssd_dashboard:2.2.0.5
-
cpe:2.3:a:westerndigital:ssd_dashboard:2.3.1.0
-
cpe:2.3:a:westerndigital:ssd_dashboard:2.3.2.0
-
cpe:2.3:a:westerndigital:ssd_dashboard:2.3.2.4
-
cpe:2.3:a:westerndigital:ssd_dashboard:2.3.3.0
-
cpe:2.3:a:westerndigital:ssd_dashboard:2.4.0.0
-
cpe:2.3:a:westerndigital:ssd_dashboard:2.5.0.0