Vulnerability Details CVE-2020-10951
Western Digital My Cloud Home and ibi devices before 2.2.0 allow clickjacking on sign-in pages.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.9%
CVSS Severity
CVSS v3 Score 4.7
CVSS v2 Score 4.3
References
- https://support.wdc.com/downloads.aspx?g=907&lang=en
- https://www.westerndigital.com/support/productsecurity/wdc-19012-my-cloud-home-and-ibi-portal-websites-clickjacking-vulnerability
- https://www.westerndigital.com/support/productsecurity/wdc-19012-my-cloud-home-and-ibi-websites-2-2-0
- https://www.westerndigital.com/support/productsecurity/wdc-19012-my-cloud-home-and-ibi-websites-2-2-0
- https://support.wdc.com/downloads.aspx?g=907&lang=en
- https://www.westerndigital.com/support/productsecurity/wdc-19012-my-cloud-home-and-ibi-portal-websites-clickjacking-vulnerability
- https://www.westerndigital.com/support/productsecurity/wdc-19012-my-cloud-home-and-ibi-websites-2-2-0
- https://www.westerndigital.com/support/productsecurity/wdc-19012-my-cloud-home-and-ibi-websites-2-2-0
Products affected by CVE-2020-10951
-
cpe:2.3:a:westerndigital:ibi:*
-
cpe:2.3:a:westerndigital:my_cloud_home:*