Security Advisory

CVE-2022-22993

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-01-28 19:09:29

Last updated 2024-08-03 03:28:43

Assigner WDC PSIRT

State PUBLISHED

Description

A limited SSRF vulnerability was discovered on Western Digital My Cloud devices that could allow an attacker to impersonate a server and reach any page on the server by bypassing access controls. The vulnerability was addressed by creating a whitelist for valid parameters.

← Browse all CVEs View on cve.org ↗