Vulnerability Change Records for CVE-2018-17153

Change History

Initial Analysis 12/18/2018 9:13:22 AM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:western_digital:my_cloud_dl2100:*:*:*:*:*:*:*:* versions up to (excluding) 2.30.196
     OR
          cpe:2.3:h:western_digital:my_cloud_dl2100:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:western_digital:my_cloud_dl4100_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.30.196
     OR
          cpe:2.3:h:western_digital:my_cloud_dl4100:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:western_digital:my_cloud_ex2100_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.30.196
     OR
          cpe:2.3:h:western_digital:my_cloud_ex2100:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:western_digital:my_cloud_ex2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.30.196
     OR
          cpe:2.3:h:western_digital:my_cloud_ex2:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:western_digital:my_cloud_ex2_ultra_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.30.196
     OR
          cpe:2.3:h:western_digital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:western_digital:my_cloud_ex4100:*:*:*:*:*:*:*:* versions up to (excluding) 2.30.196
     OR
          cpe:2.3:h:western_digital:my_cloud_ex4100:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:western_digital:my_cloud_ex4_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.30.196
     OR
          cpe:2.3:h:western_digital:my_cloud_ex4:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:western_digital:my_cloud_mirror_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.30.196
     OR
          cpe:2.3:h:western_digital:my_cloud_mirror:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:western_digital:my_cloud_mirror_gen_2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.30.196
     OR
          cpe:2.3:h:western_digital:my_cloud_mirror_gen_2:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:western_digital:my_cloud_pr2100_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.30.196
     OR
          cpe:2.3:h:western_digital:my_cloud_pr2100:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:western_digital:my_cloud_pr4100:*:*:*:*:*:*:*:* versions up to (excluding) 2.30.196
     OR
          cpe:2.3:h:western_digital:my_cloud_pr4100:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:western_digital:my_cloud_wdbctl0020hwt_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.30.196
     OR
          cpe:2.3:h:western_digital:my_cloud_wdbctl0020hwt:*:*:*:*:*:*:*:*
Added CVSS V2

								
							
							
						
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Added CVSS V3

								
							
							
						
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
CWE-287
Changed Reference Type
http://www.securityfocus.com/bid/105359 No Types Assigned
http://www.securityfocus.com/bid/105359 Third Party Advisory, VDB Entry
Changed Reference Type
https://securify.nl/nl/advisory/SFY20180102/authentication-bypass-vulnerability-in-western-digital-my-cloud-allows-escalation-to-admin-privileges.html No Types Assigned
https://securify.nl/nl/advisory/SFY20180102/authentication-bypass-vulnerability-in-western-digital-my-cloud-allows-escalation-to-admin-privileges.html Exploit, Third Party Advisory
Changed Reference Type
https://support.wdc.com/knowledgebase/answer.aspx?ID=25952 No Types Assigned
https://support.wdc.com/knowledgebase/answer.aspx?ID=25952 Third Party Advisory

CVE Modified by MITRE 9/20/2018 6:29:03 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securityfocus.com/bid/105359 [No Types Assigned]