CVE-2022-22998Insufficiently Protected Credentials in Digital MY Cloud Home

CWE-522Insufficiently Protected Credentials2 documents2 sources
Severity
7.5HIGHNVD
EPSS
0.3%
top 48.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Western Digital MY Cloud HomeWesterndigital MY Cloud Home DUO FirmwareWesterndigital MY Cloud Home Firmware
Timeline
PublishedJul 12
Latest updateJul 13

Description

Implemented protections on AWS credentials that were not properly protected.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

CVEListV5western_digital/my_cloud_homeMy Cloud Home Firmware8.5.1-102

🔴Vulnerability Details

1
GHSA
GHSA-x7p3-jg6r-9rmr: Implemented protections on AWS credentials that were not properly protected2022-07-13