CVE-2022-29835
5.3
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Summary
WD Discovery software executable files were signed with an unsafe SHA-1 hashing algorithm. An attacker could use this weakness to create forged certificate signatures due to the use of a hashing algorithm that is not collision-free. This could thereby impact the confidentiality of user content. This issue affects: Western Digital WD Discovery WD Discovery Desktop App versions prior to 4.4.396 on Mac; WD Discovery Desktop App versions prior to 4.4.396 on Windows.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Western Digital | WD Discovery | WD Discovery Desktop App < 4.4.396 | affected |
| Western Digital | WD Discovery | WD Discovery Desktop App < 4.4.396 | affected |
Weaknesses
- CWE-328: CWE-328 Reversible One-Way Hash
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.