CVE-2022-29839

Insufficiently Protected Credentials vulnerability in the remote backups application on Western Digital My Cloud devices that could allow an attacker who has gained access to a relevant endpoint to use that information to access protected data. This issue affects: Western Digital My Cloud My Cloud versions prior to 5.25.124 on Linux.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:westerndigital:my_cloud_os:*:*:*:*:*:*:*:*
OR cpe:2.3:h:westerndigital:my_cloud:-:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:my_cloud_dl2100:-:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:my_cloud_dl4100:-:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:my_cloud_ex2100:-:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:my_cloud_mirror_g2:-:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:wd_cloud:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

History

12 Dec 2022, 17:44

Type Values Removed Values Added
New CVE

Information

Published : 2022-12-09 18:15

Updated : 2024-02-04 23:14


NVD link : CVE-2022-29839

Mitre link : CVE-2022-29839

CVE.ORG link : CVE-2022-29839


JSON object : View

Products Affected

westerndigital

  • my_cloud_dl2100
  • my_cloud_ex2100
  • my_cloud
  • my_cloud_ex2_ultra
  • my_cloud_pr4100
  • my_cloud_pr2100
  • my_cloud_mirror_g2
  • my_cloud_ex4100
  • wd_cloud
  • my_cloud_dl4100
  • my_cloud_os

linux

  • linux_kernel
CWE
CWE-522

Insufficiently Protected Credentials