Western Digital My Cloud Home and ibi devices before 2.2.0 allow clickjacking on sign-in pages.
References
Link | Resource |
---|---|
https://support.wdc.com/downloads.aspx?g=907&lang=en | Release Notes |
https://www.westerndigital.com/support/productsecurity/wdc-19012-my-cloud-home-and-ibi-portal-websites-clickjacking-vulnerability | Broken Link Vendor Advisory |
https://www.westerndigital.com/support/productsecurity/wdc-19012-my-cloud-home-and-ibi-websites-2-2-0 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
01 Mar 2023, 03:06
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://www.westerndigital.com/support/productsecurity/wdc-19012-my-cloud-home-and-ibi-portal-websites-clickjacking-vulnerability - Broken Link, Vendor Advisory | |
References | (MISC) https://support.wdc.com/downloads.aspx?g=907&lang=en - Release Notes | |
References | (MISC) https://www.westerndigital.com/support/productsecurity/wdc-19012-my-cloud-home-and-ibi-websites-2-2-0 - Vendor Advisory |
Information
Published : 2020-04-15 20:15
Updated : 2024-02-04 21:00
NVD link : CVE-2020-10951
Mitre link : CVE-2020-10951
CVE.ORG link : CVE-2020-10951
JSON object : View
Products Affected
westerndigital
- my_cloud_home
- ibi
CWE
CWE-1021
Improper Restriction of Rendered UI Layers or Frames