Sandisk: >> Ssd Dashboard >> 1.1.0 Security Vulnerabilities
Description: Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 applications are potentially vulnerable to man-in-the-middle attacks when the applications download resources from the Dashboard web service. This vulnerability may allow an attacker to substitute downloaded resources with arbitrary files.
CVSS Score
5.9
EPSS Score
0.002
Published
2019-09-30
Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 have Incorrect Access Control. The “generate reports” archive is protected with a hard-coded password. An application update that addresses the protection of archive encryption is available.
CVSS Score
7.5
EPSS Score
0.002
Published
2019-09-30