CVE-2019-13466
First published: Mon Sep 30 2019(Updated: )
Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 have Incorrect Access Control. The “generate reports” archive is protected with a hard-coded password. An application update that addresses the protection of archive encryption is available.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SanDisk SSD Dashboard | <2.5.1.0 | |
| Westerndigital Ssd Dashboard | <2.5.1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2019-13466.
What is the severity level of CVE-2019-13466?
The severity level of CVE-2019-13466 is high with a score of 7.5 out of 10.
What software versions are affected by this vulnerability?
The Western Digital SSD Dashboard versions before 2.5.1.0 and SanDisk SSD Dashboard versions before 2.5.1.0 are affected by this vulnerability.
What is the issue with the affected software?
The issue with the affected software is incorrect access control, where the 'generate reports' archive is protected with a hard-coded password.
Is there a fix available for this vulnerability?
Yes, an application update is available to address the protection of archive encryption.
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/description
- agent/event
- agent/type
- agent/remedy
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/sandisk
- canonical/sandisk ssd dashboard
- vendor/westerndigital
- canonical/westerndigital ssd dashboard