CNVD-2022-06495

Vulnerability from cnvd - Published: 2022-01-25
VLAI Severity ?
Title
Western Digital My Cloud OS 5后置链接漏洞
Description
Western Digital My Cloud是美国西部数据Western Digital公司的一款个人云存储设备。 Western Digital My Cloud OS 5存在后置链接漏洞,攻击者可利用该漏洞导致代码执行和信息泄漏。
Severity
Patch Name
Western Digital My Cloud OS 5后置链接漏洞的补丁
Patch Description
Western Digital My Cloud是美国西部数据Western Digital公司的一款个人云存储设备。 Western Digital My Cloud OS 5存在后置链接漏洞,攻击者可利用该漏洞导致代码执行和信息泄漏。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description

厂商已发布了漏洞修复程序,请及时关注更新: https://www.westerndigital.com/support/productsecurity/wdc-21002-my-cloud-firmware-version-5-10-122

Reference
https://nvd.nist.gov/vuln/detail/CVE-2021-3310
Impacted products
Name
Western Digital My Cloud OS 5 <5.10.122
Show details on source website
To clipboard 

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-3310",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-3310"
    }
  },
  "description": "Western Digital My Cloud\u662f\u7f8e\u56fd\u897f\u90e8\u6570\u636eWestern Digital\u516c\u53f8\u7684\u4e00\u6b3e\u4e2a\u4eba\u4e91\u5b58\u50a8\u8bbe\u5907\u3002\n\nWestern Digital My Cloud OS 5\u5b58\u5728\u540e\u7f6e\u94fe\u63a5\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u4ee3\u7801\u6267\u884c\u548c\u4fe1\u606f\u6cc4\u6f0f\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.westerndigital.com/support/productsecurity/wdc-21002-my-cloud-firmware-version-5-10-122",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-06495",
  "openTime": "2022-01-25",
  "patchDescription": "Western Digital My Cloud\u662f\u7f8e\u56fd\u897f\u90e8\u6570\u636eWestern Digital\u516c\u53f8\u7684\u4e00\u6b3e\u4e2a\u4eba\u4e91\u5b58\u50a8\u8bbe\u5907\u3002\r\n\r\nWestern Digital My Cloud OS 5\u5b58\u5728\u540e\u7f6e\u94fe\u63a5\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u4ee3\u7801\u6267\u884c\u548c\u4fe1\u606f\u6cc4\u6f0f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Western Digital My Cloud OS 5\u540e\u7f6e\u94fe\u63a5\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Western Digital My Cloud OS 5 \u003c5.10.122"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-3310",
  "serverity": "\u4e2d",
  "submitTime": "2021-03-11",
  "title": "Western Digital My Cloud OS 5\u540e\u7f6e\u94fe\u63a5\u6f0f\u6d1e"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.