Vulnerabilities > CVE-2019-13467

047910
CVSS 5.9 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
high complexity
sandisk
westerndigital
NVD
Published: 2019-09-30
Updated: 2020-08-24

Summary

Description: Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 applications are potentially vulnerable to man-in-the-middle attacks when the applications download resources from the Dashboard web service. This vulnerability may allow an attacker to substitute downloaded resources with arbitrary files.

Vulnerable Configurations

Part Description Count
Application
Sandisk
18
Application
Westerndigital
13

References