Vulnerability Details CVE-2019-13467
Description: Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 applications are potentially vulnerable to man-in-the-middle attacks when the applications download resources from the Dashboard web service. This vulnerability may allow an attacker to substitute downloaded resources with arbitrary files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.2%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.3
References
- https://support.wdc.com/downloads.aspx?g=907&lang=en
- https://www.westerndigital.com/support/productsecurity/wdc-19009-sandisk-and-western-digital-ssd-dashboard-vulnerabilities
- https://support.wdc.com/downloads.aspx?g=907&lang=en
- https://www.westerndigital.com/support/productsecurity/wdc-19009-sandisk-and-western-digital-ssd-dashboard-vulnerabilities
Products affected by CVE-2019-13467
-
cpe:2.3:a:sandisk:ssd_dashboard:-
-
cpe:2.3:a:sandisk:ssd_dashboard:1.0.0
-
cpe:2.3:a:sandisk:ssd_dashboard:1.0.1
-
cpe:2.3:a:sandisk:ssd_dashboard:1.0.2
-
cpe:2.3:a:sandisk:ssd_dashboard:1.0.3
-
cpe:2.3:a:sandisk:ssd_dashboard:1.1.0
-
cpe:2.3:a:sandisk:ssd_dashboard:1.1.1
-
cpe:2.3:a:sandisk:ssd_dashboard:1.2.0
-
cpe:2.3:a:sandisk:ssd_dashboard:1.3.0
-
cpe:2.3:a:sandisk:ssd_dashboard:1.4.0
-
cpe:2.3:a:sandisk:ssd_dashboard:1.4.1
-
cpe:2.3:a:sandisk:ssd_dashboard:1.4.2
-
cpe:2.3:a:sandisk:ssd_dashboard:1.4.3
-
cpe:2.3:a:sandisk:ssd_dashboard:1.4.4.4
-
cpe:2.3:a:sandisk:ssd_dashboard:2.3.1.0
-
cpe:2.3:a:sandisk:ssd_dashboard:2.3.2.0
-
cpe:2.3:a:sandisk:ssd_dashboard:2.3.2.4
-
cpe:2.3:a:sandisk:ssd_dashboard:2.3.3.0
-
cpe:2.3:a:westerndigital:ssd_dashboard:-
-
cpe:2.3:a:westerndigital:ssd_dashboard:1.4.3.8
-
cpe:2.3:a:westerndigital:ssd_dashboard:1.4.4.5
-
cpe:2.3:a:westerndigital:ssd_dashboard:2.0.1.0
-
cpe:2.3:a:westerndigital:ssd_dashboard:2.2.0.0
-
cpe:2.3:a:westerndigital:ssd_dashboard:2.2.0.1
-
cpe:2.3:a:westerndigital:ssd_dashboard:2.2.0.5
-
cpe:2.3:a:westerndigital:ssd_dashboard:2.3.1.0
-
cpe:2.3:a:westerndigital:ssd_dashboard:2.3.2.0
-
cpe:2.3:a:westerndigital:ssd_dashboard:2.3.2.4
-
cpe:2.3:a:westerndigital:ssd_dashboard:2.3.3.0
-
cpe:2.3:a:westerndigital:ssd_dashboard:2.4.0.0
-
cpe:2.3:a:westerndigital:ssd_dashboard:2.5.0.0