My Cloud Home and ibi Websites Version 2.2.0

WDC Tracking Number: WDC-19012
Product Line/Web: My Cloud Home and ibi Portal Websites
Published: October 24, 2019

Last Updated: October 24, 2019

Description

The My Cloud Home and ibi Portal websites have been updated to improve their security. Versions prior to this were vulnerable to a clickjacking vulnerability in which an attacker could trick a user into clicking on an unexpected webpage element on the My Cloud Home and ibi portal websites. This could potentially route the user to an attacker chosen destination used for malicious purposes. This attack can be used to reveal confidential information or could lead to the attacker gaining complete control over a user’s system.

Product Impact

Last Updated

My Cloud Home Portal Websites (see links below)

October 24, 2019

ibi Portal Websites (see links below)

October 24, 2019

Advisory Summary

My Cloud Home and ibi portal websites have now addressed this clickjacking vulnerability by adding the X-Frame Options HTTP Response header to the pages that require protection from clickjacking. This frame-busting method is used to restrict a web page from being loaded in a sub-frame.

Addressed multiple Clickjacking vulnerabilities for the following websites:

CVE Number: CVE-2020-10951

Reported by: Tayyab Sial

Add up to 4 products

{{ skuObj.title.length < 15 ? skuObj.title : skuObj.title.substring(0,14) + "..." }}

Compare

Details & Exclusions

A Note to Our Customers

Looking to Create a New Account?

A Note to Our Business Customers

Looking to Create a New Business Account?

A Note to Our Business Customers

A Note to Our Customers

Sign In

Sign In for Business

Resend Verification Email

Reset Password

{{promotion.info.promoTitle}}

{{promotion.info.promoTitle}}

{{promotion.info.desc}}

My Cloud Home and ibi Websites Version 2.2.0

Description

Advisory Summary