Lucene search

K
cveMitreCVE-2019-10705
HistoryMar 10, 2020 - 3:15 p.m.

CVE-2019-10705

2020-03-1015:15:12
CWE-522
mitre
web.nvd.nist.gov
28
security
vulnerability
access control
data decryption
western digital
sandisk x600
cve-2019-10705

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

5.5

Confidence

High

EPSS

0.002

Percentile

55.3%

Western Digital SanDisk X600 devices in certain configurations, a vulnerability in the access control mechanism of the drive may allow data to be decrypted without knowledge of proper authentication credentials.

Affected configurations

Nvd
Node
westerndigitalsandisk_x600_sd9tb8w-128gMatch-
AND
westerndigitalsandisk_x600_sd9tb8w-128g_firmwareRange<x6112100
Node
westerndigitalsandisk_x600_sd9tb8w-256gMatch-
AND
westerndigitalsandisk_x600_sd9tb8w-256g_firmwareRange<x6112100
Node
westerndigitalsandisk_x600_sd9tb8w-512gMatch-
AND
westerndigitalsandisk_x600_sd9tb8w-512g_firmwareRange<x6112100
Node
westerndigitalsandisk_x600_sd9tb8w-1t00Match-
AND
westerndigitalsandisk_x600_sd9tb8w-1t00_firmwareRange<x6112100
Node
westerndigitalsandisk_x600_sd9tb8w-2t00Match-
AND
westerndigitalsandisk_x600_sd9tb8w-2t00_firmwareRange<x6112100
Node
westerndigitalsandisk_x600_sd9tn8w-128gMatch-
AND
westerndigitalsandisk_x600_sd9tn8w-128g_firmwareRange<x6112100
Node
westerndigitalsandisk_x600_sd9tn8w-256gMatch-
AND
westerndigitalsandisk_x600_sd9tn8w-256g_firmwareRange<x6112100
Node
westerndigitalsandisk_x600_sd9tn8w-512gMatch-
AND
westerndigitalsandisk_x600_sd9tn8w-512g_firmwareRange<x6112100
Node
westerndigitalsandisk_x600_sd9tn8w-1t00_firmwareRange<x6112100
AND
westerndigitalsandisk_x600_sd9tn8w-1t00Match-
Node
westerndigitalsandisk_x600_sd9tn8w-2t00_firmwareRange<x6112100
AND
westerndigitalsandisk_x600_sd9tn8w-2t00Match-
Node
westerndigitalsandisk_x600_sd9sb8w-128g_firmwareRange<x6112100
AND
westerndigitalsandisk_x600_sd9sb8w-128gMatch-
Node
westerndigitalsandisk_x600_sd9sb8w-256g_firmwareRange<x6112100
AND
westerndigitalsandisk_x600_sd9sb8w-256gMatch-
Node
westerndigitalsandisk_x600_sd9sb8w-512g_firmwareRange<x6112100
AND
westerndigitalsandisk_x600_sd9sb8w-512gMatch-
Node
westerndigitalsandisk_x600_sd9sb8w-1t00_firmwareRange<x6112100
AND
westerndigitalsandisk_x600_sd9sb8w-1t00Match-
Node
westerndigitalsandisk_x600_sd9sb8w-2t00_firmwareRange<x6112100
AND
westerndigitalsandisk_x600_sd9sb8w-2t00Match-
Node
westerndigitalsandisk_x600_sd9sn8w-128g_firmwareRange<x6112100
AND
westerndigitalsandisk_x600_sd9sn8w-128gMatch-
Node
westerndigitalsandisk_x600_sd9sn8w-256g_firmwareRange<x6112100
AND
westerndigitalsandisk_x600_sd9sn8w-256gMatch-
Node
westerndigitalsandisk_x600_sd9sn8w-512g_firmwareRange<x6112100
AND
westerndigitalsandisk_x600_sd9sn8w-512gMatch-
Node
westerndigitalsandisk_x600_sd9sn8w-1t00_firmwareRange<x6112100
AND
westerndigitalsandisk_x600_sd9sn8w-1t00Match-
Node
westerndigitalsandisk_x600_sd9sn8w-2t00_firmwareRange<x6112100
AND
westerndigitalsandisk_x600_sd9sn8w-2t00Match-
VendorProductVersionCPE
westerndigitalsandisk_x600_sd9tb8w-128g-cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-128g:-:*:*:*:*:*:*:*
westerndigitalsandisk_x600_sd9tb8w-128g_firmware*cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-128g_firmware:*:*:*:*:*:*:*:*
westerndigitalsandisk_x600_sd9tb8w-256g-cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-256g:-:*:*:*:*:*:*:*
westerndigitalsandisk_x600_sd9tb8w-256g_firmware*cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-256g_firmware:*:*:*:*:*:*:*:*
westerndigitalsandisk_x600_sd9tb8w-512g-cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-512g:-:*:*:*:*:*:*:*
westerndigitalsandisk_x600_sd9tb8w-512g_firmware*cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-512g_firmware:*:*:*:*:*:*:*:*
westerndigitalsandisk_x600_sd9tb8w-1t00-cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-1t00:-:*:*:*:*:*:*:*
westerndigitalsandisk_x600_sd9tb8w-1t00_firmware*cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-1t00_firmware:*:*:*:*:*:*:*:*
westerndigitalsandisk_x600_sd9tb8w-2t00-cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-2t00:-:*:*:*:*:*:*:*
westerndigitalsandisk_x600_sd9tb8w-2t00_firmware*cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-2t00_firmware:*:*:*:*:*:*:*:*
Rows per page:
1-10 of 401

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

5.5

Confidence

High

EPSS

0.002

Percentile

55.3%

Related for CVE-2019-10705