CVE-2022-29838

MEDIUM Year: 2022
CVSS v3 Score
4.6
Medium
Weakness Type
CWE-287
View all →

Vulnerability Description

Improper Authentication vulnerability in the encrypted volumes and auto mount features of Western Digital My Cloud devices allows insecure direct access to the drive information in the case of a device reset. This issue affects: Western Digital My Cloud My Cloud versions prior to 5.25.124 on Linux.

Related Vulnerabilities

CVE-2012-6340

MEDIUM
CVSS:4.6(Medium)

An Authentication vulnerability exists in NETGEAR WGR614 v7 and v9 due to a hardcoded credential used for serial programming, a related issue to CVE-2006-1002.

CWE-2872012

CVE-2016-11041

MEDIUM
CVSS:4.6(Medium)

An issue was discovered on Samsung mobile devices with KK(4.4) software. Attackers can bypass the lockscreen by sending an AT command over USB. The Samsung ID is SVE-2015-5301 (June 2016).

CWE-2872016

CVE-2017-18646

MEDIUM
CVSS:4.6(Medium)

An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) software. An attacker can bypass the password requirement for tablet user switching by folding the magnetic cover. The Samsung ...

CWE-2872017

CVE-2017-2721

MEDIUM
CVSS:4.6(Medium)

Some Huawei smart phones with software Berlin-L21C10B130,Berlin-L21C185B133,Berlin-L21HNC10B131,Berlin-L21HNC185B140,Berlin-L21HNC432B151,Berlin-L22C636B160,Berlin-L22HNC636B130,Berlin-L22HNC675B150CU...

CWE-2872017

CVE-2018-21062

MEDIUM
CVSS:4.6(Medium)

An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. When biometric authentication is disabled, an attacker can view Streams content (e.g., a Gallery slideshow) of a lock...

CWE-2872018