CVE-2024-22170 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	UNKNOWN				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 48%

Early Detection

Affected products identified ahead of NVD analysis through intelligence sources.

Vendor	Product	Version	Source
westerndigital	wd_cloud_firmware	𝑥 < 5.29.102	ADP
westerndigital	my_cloud_dl4100_firmware	𝑥 < 5.29.102	ADP
westerndigital	my_cloud_dl2100_firmware	𝑥 < 5.29.102	ADP
westerndigital	my_cloud_ex2100_firmware	𝑥 < 5.29.102	ADP
westerndigital	my_cloud_mirror_g2_firmware	𝑥 < 5.29.102	ADP
westerndigital	my_cloud_firmware	𝑥 < 5.29.102	ADP
westerndigital	my_cloud_pr4100_firmware	𝑥 < 5.29.102	ADP
westerndigital	my_cloud_pr2100_firmware	𝑥 < 5.29.102	ADP
westerndigital	my_cloud_ex4100_firmware	𝑥 < 5.29.102	ADP
westerndigital	my_cloud_ex2_ultra_firmware	𝑥 < 5.29.102	ADP

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

https://www.westerndigital.com/support/product-security/wdc-24005-western-digital-my-cloud-os-5-firmware-5-29-102