Vulnerabilities > Westerndigital > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-10 | CVE-2019-11686 | Insufficiently Protected Credentials vulnerability in Westerndigital products Western Digital SanDisk X300, X300s, X400, and X600 devices: A vulnerability in the wear-leveling algorithm of the drive may cause cryptographically sensitive parameters (such as data encryption keys) to remain on the drive media after their intended erasure. | 5.5 |
| 2020-03-10 | CVE-2019-10706 | Insufficiently Protected Credentials vulnerability in Westerndigital products Western Digital SanDisk SanDisk X300, X300s, X400, and X600 devices: The firmware update authentication method relies on a symmetric HMAC digest. | 6.3 |
| 2020-02-20 | CVE-2020-8960 | Cross-site Scripting vulnerability in Westerndigital Mycloud.Com Western Digital mycloud.com before Web Version 2.2.0-134 allows XSS. | 6.1 |
| 2019-09-30 | CVE-2019-13467 | Description: Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 applications are potentially vulnerable to man-in-the-middle attacks when the applications download resources from the Dashboard web service. | 5.9 |
| 2018-10-09 | CVE-2018-7928 | Unspecified vulnerability in Westerndigital MY Cloud There is a security vulnerability which could lead to Factory Reset Protection (FRP) bypass in the MyCloud APP with the versions before 8.1.2.303 installed on some Huawei smart phones. low complexity westerndigital | 4.6 |