Vulnerabilities (CVE)

Filtered by vendor Westerndigital Subscribe
Filtered by product Ssd Dashboard
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-13467 2 Sandisk, Westerndigital 2 Ssd Dashboard, Ssd Dashboard 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
Description: Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 applications are potentially vulnerable to man-in-the-middle attacks when the applications download resources from the Dashboard web service. This vulnerability may allow an attacker to substitute downloaded resources with arbitrary files.
CVE-2019-13466 2 Sandisk, Westerndigital 2 Ssd Dashboard, Ssd Dashboard 2024-11-21 5.0 MEDIUM 7.5 HIGH
Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 have Incorrect Access Control. The “generate reports” archive is protected with a hard-coded password. An application update that addresses the protection of archive encryption is available.