var-202012-0950
Vulnerability from variot
An issue was discovered on Western Digital My Cloud OS 5 devices before 5.07.118. A NAS Admin authentication bypass vulnerability could allow an unauthenticated user to gain access to the device. This vulnerability allows remote attackers to bypass authentication on affected installations of Western Digital MyCloud PR4100. Authentication is not required to exploit this vulnerability.The specific flaw exists within the mod_rewrite module. The issue results from the way the software parses URLs to make authorization decisions. An attacker can leverage this vulnerability to bypass authentication on the system
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202012-0950",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "my cloud os 5",
"scope": "lt",
"trust": 1.0,
"vendor": "westerndigital",
"version": "5.07.118"
},
{
"model": "my cloud os 5",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "my cloud os 5",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": "my cloud os 5 firmware 5.07.118"
},
{
"model": "mycloud pr4100",
"scope": null,
"trust": 0.7,
"vendor": "western digital",
"version": null
},
{
"model": "digital my cloud os",
"scope": "eq",
"trust": 0.6,
"vendor": "western",
"version": "5\u003c5.07.118"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-1446"
},
{
"db": "CNVD",
"id": "CNVD-2022-06496"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014425"
},
{
"db": "NVD",
"id": "CVE-2020-29563"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:my_cloud_os_5:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.07.118",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_mirror_gen_2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-29563"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "orangetw",
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-1446"
}
],
"trust": 0.7
},
"cve": "CVE-2020-29563",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2020-29563",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2022-06496",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-29563",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-29563",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-29563",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "ZDI",
"id": "CVE-2020-29563",
"trust": 0.7,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2022-06496",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202012-942",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-1446"
},
{
"db": "CNVD",
"id": "CNVD-2022-06496"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014425"
},
{
"db": "NVD",
"id": "CVE-2020-29563"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-942"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Western Digital My Cloud OS 5 devices before 5.07.118. A NAS Admin authentication bypass vulnerability could allow an unauthenticated user to gain access to the device. This vulnerability allows remote attackers to bypass authentication on affected installations of Western Digital MyCloud PR4100. Authentication is not required to exploit this vulnerability.The specific flaw exists within the mod_rewrite module. The issue results from the way the software parses URLs to make authorization decisions. An attacker can leverage this vulnerability to bypass authentication on the system",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-29563"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014425"
},
{
"db": "ZDI",
"id": "ZDI-20-1446"
},
{
"db": "CNVD",
"id": "CNVD-2022-06496"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-29563",
"trust": 3.7
},
{
"db": "ZDI",
"id": "ZDI-20-1446",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014425",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-12465",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2022-06496",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202012-942",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-1446"
},
{
"db": "CNVD",
"id": "CNVD-2022-06496"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014425"
},
{
"db": "NVD",
"id": "CVE-2020-29563"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-942"
}
]
},
"id": "VAR-202012-0950",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-06496"
}
],
"trust": 1.45714287
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-06496"
}
]
},
"last_update_date": "2023-12-18T13:27:52.785000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "WDC-20010",
"trust": 1.5,
"url": "https://www.westerndigital.com/support/productsecurity/wdc-20010-my-cloud-os5-firmware-5-07-118"
},
{
"title": "Patch for Western Digital My Cloud OS 5 Authorization Issue Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/315866"
},
{
"title": "Western Digital My Cloud Remediation measures for authorization problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=137294"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-1446"
},
{
"db": "CNVD",
"id": "CNVD-2022-06496"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014425"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-942"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.0
},
{
"problemtype": "Improper authentication (CWE-287) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014425"
},
{
"db": "NVD",
"id": "CVE-2020-29563"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-1446/"
},
{
"trust": 2.3,
"url": "https://www.westerndigital.com/support/productsecurity/wdc-20010-my-cloud-os5-firmware-5-07-118"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-29563"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-1446"
},
{
"db": "CNVD",
"id": "CNVD-2022-06496"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014425"
},
{
"db": "NVD",
"id": "CVE-2020-29563"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-942"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-20-1446"
},
{
"db": "CNVD",
"id": "CNVD-2022-06496"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014425"
},
{
"db": "NVD",
"id": "CVE-2020-29563"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-942"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-20-1446"
},
{
"date": "2022-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-06496"
},
{
"date": "2021-08-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-014425"
},
{
"date": "2020-12-12T00:15:12.017000",
"db": "NVD",
"id": "CVE-2020-29563"
},
{
"date": "2020-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-942"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-20-1446"
},
{
"date": "2022-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-06496"
},
{
"date": "2021-08-18T08:49:00",
"db": "JVNDB",
"id": "JVNDB-2020-014425"
},
{
"date": "2022-08-06T03:52:42.053000",
"db": "NVD",
"id": "CVE-2020-29563"
},
{
"date": "2022-08-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-942"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-942"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Western\u00a0Digital\u00a0My\u00a0Cloud\u00a0OS\u00a05\u00a0 Authentication vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014425"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-942"
}
],
"trust": 0.6
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.