Test ID:	1.3.6.1.4.1.25623.1.0.117762
Category:	General
Title:	Western Digital My Cloud Multiple Products 5.0 < 5.18.117 Multiple Vulnerabilities (WDC-21012)
Summary:	Multiple Western Digital My Cloud products are prone to multiple; vulnerabilities.
Description:	Summary: Multiple Western Digital My Cloud products are prone to multiple vulnerabilities. Vulnerability Insight: - CVE-2021-34798, CVE-2021-36160, CVE-2021-39275, CVE-2021-40438: Addressed multiple Apache HTTP Server vulnerabilities by updating the version to 2.4.38-3+deb10u6 - CVE-2020-20445, CVE-2020-20446, CVE-2020-20453, CVE-2020-21041, CVE-2020-22015, CVE-2020-22016, CVE-2020-22017, CVE-2020-22019, CVE-2020-22020, CVE-2020-22021, CVE-2020-22022, CVE-2020-22023, CVE-2020-22025, CVE-2020-22026, CVE-2020-22027, CVE-2020-22028, CVE-2020-22029, CVE-2020-22030, CVE-2020-22031, CVE-2020-22032, CVE-2020-22033, CVE-2020-22034, CVE-2020-22035, CVE-2020-22036, CVE-2020-22037, CVE-2020-22049, CVE-2020-22054, CVE-2020-35965, CVE-2021-38114, CVE-2021-38171, CVE-2021-38291: Addressed multiple FFmpeg vulnerabilities by updating the version to 7:4.1.8-0+deb10u1 Affected Software/OS: Western Digital My Cloud PR2100, My Cloud PR4100, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud Mirror Gen 2, My Cloud DL2100, My Cloud DL4100, My Cloud (P/N: WDBCTLxxxxxx-10) and WD Cloud (Japan) with firmware versions prior to 5.18.117. Solution: Update to firmware version 5.18.117 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2021-34798 Cisco Security Advisory: 20211124 Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ https://kc.mcafee.com/corporate/index?page=content&id=SB10379 https://security.netapp.com/advisory/ntap-20211008-0004/ https://www.tenable.com/security/tns-2021-17 Debian Security Information: DSA-4982 (Google Search) https://www.debian.org/security/2021/dsa-4982 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/ https://security.gentoo.org/glsa/202208-20 http://httpd.apache.org/security/vulnerabilities_24.html https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujan2022.html https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029@%3Cusers.httpd.apache.org%3E https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c@%3Cusers.httpd.apache.org%3E https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697@%3Cusers.httpd.apache.org%3E https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432@%3Cusers.httpd.apache.org%3E Common Vulnerability Exposure (CVE) ID: CVE-2021-36160 https://lists.debian.org/debian-lts-announce/2021/09/msg00016.html https://lists.debian.org/debian-lts-announce/2021/10/msg00016.html https://lists.apache.org/thread.html/r73260f6ba9fb52e43d860905fc90462ba5a814afda2d011f32bbd41c@%3Cbugs.httpd.apache.org%3E https://lists.apache.org/thread.html/ra1c05a392587bfe34383dffe1213edc425de8d4afc25b7cefab3e781@%3Cbugs.httpd.apache.org%3E https://lists.apache.org/thread.html/r7f2746e916ed370239bc1a1025e5ebbf345f79df9ea0ea39e44acfbb@%3Cbugs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37@%3Cbugs.httpd.apache.org%3E https://lists.apache.org/thread.html/r94a61a1517133a19dcf40016e87454ea86e355d06a0cec4c778530f3@%3Cbugs.httpd.apache.org%3E https://lists.apache.org/thread.html/ra87a69d0703d09dc52b86e32b08f8d7327af10acdd5f577a4e82596a@%3Cbugs.httpd.apache.org%3E https://lists.apache.org/thread.html/rb2341c8786d0f9924f5b666e82d8d170b4804f50a523d750551bef1a@%3Cbugs.httpd.apache.org%3E https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d@%3Ccvs.httpd.apache.org%3E Common Vulnerability Exposure (CVE) ID: CVE-2021-39275 https://httpd.apache.org/security/vulnerabilities_24.html Common Vulnerability Exposure (CVE) ID: CVE-2021-40438 https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00@%3Cusers.httpd.apache.org%3E https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a@%3Cusers.httpd.apache.org%3E Common Vulnerability Exposure (CVE) ID: CVE-2020-20445 Debian Security Information: DSA-4990 (Google Search) https://www.debian.org/security/2021/dsa-4990 Debian Security Information: DSA-4998 (Google Search) https://www.debian.org/security/2021/dsa-4998 https://trac.ffmpeg.org/ticket/7996 https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html Common Vulnerability Exposure (CVE) ID: CVE-2020-20446 https://trac.ffmpeg.org/ticket/7995 Common Vulnerability Exposure (CVE) ID: CVE-2020-20453 https://trac.ffmpeg.org/ticket/8003 Common Vulnerability Exposure (CVE) ID: CVE-2020-21041 https://trac.ffmpeg.org/ticket/7989 https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html Common Vulnerability Exposure (CVE) ID: CVE-2020-22015 https://trac.ffmpeg.org/ticket/8190 Common Vulnerability Exposure (CVE) ID: CVE-2020-22016 https://trac.ffmpeg.org/ticket/8183 Common Vulnerability Exposure (CVE) ID: CVE-2020-22017 https://cwe.mitre.org/data/definitions/122.html https://trac.ffmpeg.org/ticket/8309 Common Vulnerability Exposure (CVE) ID: CVE-2020-22019 https://trac.ffmpeg.org/ticket/8241 Common Vulnerability Exposure (CVE) ID: CVE-2020-22020 http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=ce5274c1385d55892a692998923802023526b765 https://trac.ffmpeg.org/ticket/8239 Common Vulnerability Exposure (CVE) ID: CVE-2020-22021 https://trac.ffmpeg.org/ticket/8240 Common Vulnerability Exposure (CVE) ID: CVE-2020-22022 https://trac.ffmpeg.org/ticket/8264 Common Vulnerability Exposure (CVE) ID: CVE-2020-22023 https://trac.ffmpeg.org/ticket/8244 Common Vulnerability Exposure (CVE) ID: CVE-2020-22025 https://trac.ffmpeg.org/ticket/8260 Common Vulnerability Exposure (CVE) ID: CVE-2020-22026 https://trac.ffmpeg.org/ticket/8317 Common Vulnerability Exposure (CVE) ID: CVE-2020-22027 https://trac.ffmpeg.org/attachment/ticket/8242/gdb-vf_neighbor_191 https://trac.ffmpeg.org/ticket/8242 Common Vulnerability Exposure (CVE) ID: CVE-2020-22028 https://trac.ffmpeg.org/ticket/8274 Common Vulnerability Exposure (CVE) ID: CVE-2020-22029 http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=a7fd1279703683ebb548ef7baa2f1519994496ae https://trac.ffmpeg.org/ticket/8250 Common Vulnerability Exposure (CVE) ID: CVE-2020-22030 https://trac.ffmpeg.org/ticket/8276 Common Vulnerability Exposure (CVE) ID: CVE-2020-22031 https://trac.ffmpeg.org/attachment/ticket/8243/gdb-vf_w3fdif_191 https://trac.ffmpeg.org/ticket/8243 Common Vulnerability Exposure (CVE) ID: CVE-2020-22032 https://trac.ffmpeg.org/ticket/8275 Common Vulnerability Exposure (CVE) ID: CVE-2020-22033 https://trac.ffmpeg.org/ticket/8246 Common Vulnerability Exposure (CVE) ID: CVE-2020-22034 https://trac.ffmpeg.org/ticket/8236 Common Vulnerability Exposure (CVE) ID: CVE-2020-22035 https://trac.ffmpeg.org/ticket/8262 Common Vulnerability Exposure (CVE) ID: CVE-2020-22036 https://trac.ffmpeg.org/ticket/8261 Common Vulnerability Exposure (CVE) ID: CVE-2020-22037 https://trac.ffmpeg.org/ticket/8281 Common Vulnerability Exposure (CVE) ID: CVE-2020-22049 http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=373c1c9b691fd4c6831b3a114a006b639304c2af https://trac.ffmpeg.org/ticket/8314 Common Vulnerability Exposure (CVE) ID: CVE-2020-22054 http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=6f2a3958cfac135c60b509a61a4fd39432d8f9a9 https://trac.ffmpeg.org/ticket/8315 Common Vulnerability Exposure (CVE) ID: CVE-2020-35965 https://security.gentoo.org/glsa/202105-24 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26532 https://github.com/FFmpeg/FFmpeg/commit/3e5959b3457f7f1856d997261e6ac672bba49e8b https://github.com/FFmpeg/FFmpeg/commit/b0a8b40294ea212c1938348ff112ef1b9bf16bb3 https://lists.debian.org/debian-lts-announce/2021/01/msg00026.html Common Vulnerability Exposure (CVE) ID: CVE-2021-38114 https://github.com/FFmpeg/FFmpeg/commit/7150f9575671f898382c370acae35f9087a30ba1 https://patchwork.ffmpeg.org/project/ffmpeg/patch/PAXP193MB12624C21AE412BE95BA4D4A4B6F09@PAXP193MB1262.EURP193.PROD.OUTLOOK.COM/ Common Vulnerability Exposure (CVE) ID: CVE-2021-38171 https://security.gentoo.org/glsa/202312-14 https://github.com/FFmpeg/FFmpeg/commit/9ffa49496d1aae4cbbb387aac28a9e061a6ab0a6 https://patchwork.ffmpeg.org/project/ffmpeg/patch/AS8P193MB12542A86E22F8207EC971930B6F19@AS8P193MB1254.EURP193.PROD.OUTLOOK.COM/ Common Vulnerability Exposure (CVE) ID: CVE-2021-38291 https://trac.ffmpeg.org/ticket/9312
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.