FKIE_CVE-2019-10705
Vulnerability from fkie_nvd - Published: 2020-03-10 15:15 - Updated: 2024-11-21 04:19
Severity
Summary
Western Digital SanDisk X600 devices in certain configurations, a vulnerability in the access control mechanism of the drive may allow data to be decrypted without knowledge of proper authentication credentials.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-128g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0AC9EFE8-71D9-4206-87AA-E86860336F55",
"versionEndExcluding": "x6112100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-128g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94B8CE18-3F5E-451C-9BFB-77ED8844D685",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-256g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C69C198-2915-473D-ABA4-9D2F60B98B51",
"versionEndExcluding": "x6112100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-256g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFF553BB-D3BF-4BF2-8C90-73658F44B42C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-512g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF46C292-AC27-417A-B91B-0953B19D965D",
"versionEndExcluding": "x6112100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-512g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2511952-C7FB-4866-BF71-3D7F993C3D41",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-1t00_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3490EE1F-E515-4A5B-AAF3-0A267D553893",
"versionEndExcluding": "x6112100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-1t00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B3E66B-6EA1-4E4F-85A5-85BE384F537E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-2t00_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63F751CD-AF3C-463C-9AF2-13D6E7A69072",
"versionEndExcluding": "x6112100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-2t00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28F59558-E601-4B52-8A71-6538D6DBBCDE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:westerndigital:sandisk_x600_sd9tn8w-128g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1B313A-C76D-46AB-BF81-BCF83B91E786",
"versionEndExcluding": "x6112100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:westerndigital:sandisk_x600_sd9tn8w-128g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AAB5379F-0277-4A58-A75C-E892A7305C17",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:westerndigital:sandisk_x600_sd9tn8w-256g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A76268C-475B-42CC-95BD-FDAD3B89B502",
"versionEndExcluding": "x6112100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:westerndigital:sandisk_x600_sd9tn8w-256g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD21040-E1DA-401E-9D46-F22E9D168988",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:westerndigital:sandisk_x600_sd9tn8w-512g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28EDC99D-A622-4531-B1C9-255CC93EEF05",
"versionEndExcluding": "x6112100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:westerndigital:sandisk_x600_sd9tn8w-512g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89B3B4E2-427E-4628-9609-00BD7167AB36",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:westerndigital:sandisk_x600_sd9tn8w-1t00_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96872B8F-74E5-4247-B5BB-D24F693E08F9",
"versionEndExcluding": "x6112100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:westerndigital:sandisk_x600_sd9tn8w-1t00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D1744AB-073A-4F28-9C5E-9006C4FF20BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:westerndigital:sandisk_x600_sd9tn8w-2t00_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0193343-2692-4C70-998F-86C703F971AA",
"versionEndExcluding": "x6112100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:westerndigital:sandisk_x600_sd9tn8w-2t00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D372B9E2-E745-43C3-9F3D-E1503C3FEED3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:westerndigital:sandisk_x600_sd9sb8w-128g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE1CAF6E-6DC3-4F11-ACD2-39BEC4F25144",
"versionEndExcluding": "x6112100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:westerndigital:sandisk_x600_sd9sb8w-128g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE2CC787-5BB7-4169-B5D0-AA01ACF23BD7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:westerndigital:sandisk_x600_sd9sb8w-256g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8639F85-78E4-4AB0-A837-360D9D97E742",
"versionEndExcluding": "x6112100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:westerndigital:sandisk_x600_sd9sb8w-256g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A6AB7FE-1614-426D-AF52-928FFBE50336",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:westerndigital:sandisk_x600_sd9sb8w-512g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88E962B0-C03C-400E-8EBD-7598B3188CA1",
"versionEndExcluding": "x6112100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:westerndigital:sandisk_x600_sd9sb8w-512g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77DA4B34-FDC5-4D5B-83AD-54299A7350DF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:westerndigital:sandisk_x600_sd9sb8w-1t00_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D00C650-4E51-4D15-8CC2-71C61654A0F6",
"versionEndExcluding": "x6112100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:westerndigital:sandisk_x600_sd9sb8w-1t00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD660A35-1F23-4A14-A499-AE8ED9431C6D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:westerndigital:sandisk_x600_sd9sb8w-2t00_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FFC4C4F-F4B9-4E21-B411-3D9D0C00798F",
"versionEndExcluding": "x6112100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:westerndigital:sandisk_x600_sd9sb8w-2t00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB1BEE4-F524-4B8D-885E-EEE10CE15E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:westerndigital:sandisk_x600_sd9sn8w-128g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F2BC11-6A49-490E-A62F-92F1C43A28E9",
"versionEndExcluding": "x6112100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:westerndigital:sandisk_x600_sd9sn8w-128g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19B10EE9-FC5F-4058-86FB-0CF2ED90C120",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:westerndigital:sandisk_x600_sd9sn8w-256g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2AF2194-5465-4BE7-993E-A6D453774A9B",
"versionEndExcluding": "x6112100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:westerndigital:sandisk_x600_sd9sn8w-256g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C41FA54-232D-45BE-89CE-28D64AD7B258",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:westerndigital:sandisk_x600_sd9sn8w-512g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B67DBD7-1C43-4BB3-998A-4EEED05A4A74",
"versionEndExcluding": "x6112100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:westerndigital:sandisk_x600_sd9sn8w-512g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "735A041A-A676-4907-A6B7-29522365BE37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:westerndigital:sandisk_x600_sd9sn8w-1t00_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17E6447D-A230-47DA-8E69-7659914AE6CE",
"versionEndExcluding": "x6112100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:westerndigital:sandisk_x600_sd9sn8w-1t00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4BFEC7-4F1F-4C13-AA17-62E65D0DD449",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:westerndigital:sandisk_x600_sd9sn8w-2t00_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9E4841C-F683-4169-8F25-2DD17A583511",
"versionEndExcluding": "x6112100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:westerndigital:sandisk_x600_sd9sn8w-2t00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C77C33DA-6AEE-4C35-A482-1A9B8696F507",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Western Digital SanDisk X600 devices in certain configurations, a vulnerability in the access control mechanism of the drive may allow data to be decrypted without knowledge of proper authentication credentials."
},
{
"lang": "es",
"value": "Un dispositivo Western Digital SanDisk X600, en determinadas configuraciones, una vulnerabilidad en el mecanismo de control de acceso de la unidad puede permitir a los datos ser descifrados sin conocimiento de las credenciales de autenticaci\u00f3n apropiadas."
}
],
"id": "CVE-2019-10705",
"lastModified": "2024-11-21T04:19:46.197",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-10T15:15:12.463",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://support.wdc.com/cat_products.aspx?ID=6\u0026lang=en"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.westerndigital.com/support/productsecurity/wdc-19006-sandisk-x600-sata-ssd"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
],
"url": "https://www.westerndigital.com/support/productsecurity/wdc-19007-sandisk-x300-x400-sata-ssd"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://support.wdc.com/cat_products.aspx?ID=6\u0026lang=en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.westerndigital.com/support/productsecurity/wdc-19006-sandisk-x600-sata-ssd"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "https://www.westerndigital.com/support/productsecurity/wdc-19007-sandisk-x300-x400-sata-ssd"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…