Starting at
{{productPriceObj[bogoItems.productId].prices.list.amountFormatted}}
FREE
Starting at
{{productPriceObj[bogoItems.productId].prices.list.amountFormatted}}
{{productPriceObj[bogoItems.productId].prices.list.amountFormatted}}
{{productPriceObj[bogoItems.productId].prices.sale.amountFormatted}}
Qty.
{{bogoItems.qty}}
Add To Cart
No Thanks
Your Cart ({{totalItems}} {{totalItems == 1 ? 'Item' : 'Items'}})
Save 10% on select orders over $100 and 15% on orders over $250. Offer valid on any WD or SanDisk product, and on qualifying G-Technology products (listed here), or combinations of qualifying products, bought online through the Western Digital Store. Maximum of one purchase per customer. Offer is only valid while supplies last. This offer may not be combined, used in conjunction with or used in addition to any other promotion or offer. This offer does not apply to taxes or shipping costs. Retailers, Resellers and Distributors are excluded from this promotion. This offer is not applicable for any prior purchases and may not be available in all regions of the world. Western Digital reserves the right to change or discontinue this offer at any time without notice. This promotion is valid on 5/3/21 - 5/9/21.
Sandisk-Details & Exclusions
Save 10% on select orders over $100 and 15% on orders over $250. Offer valid on any WD or SanDisk product, and on qualifying G-Technology products (listed here), or combinations of qualifying products, bought online through the Western Digital Store. Maximum of one purchase per customer. Offer is only valid while supplies last. This offer may not be combined, used in conjunction with or used in addition to any other promotion or offer. This offer does not apply to taxes or shipping costs. Retailers, Resellers and Distributors are excluded from this promotion. This offer is not applicable for any prior purchases and may not be available in all regions of the world. Western Digital reserves the right to change or discontinue this offer at any time without notice. This promotion is valid on 5/3/21 - 5/9/21.
Details & Exclusions
Hassle Free Return for the Holidays
Western Digital Store is introducing an extended return policy this holiday season. Items purchased starting 22 November through 22 December 2021, can be returned until 22 January 2022, for most reasons, without exceptions. Contact Western Digital support to determine if your order qualifies, and to begin the process of a return. This policy is subject to exclusions.
Details & Exclusions
* Non-members receive free standard shipping on orders of at least kr300 excluding taxes and shipping costs, and after any applicable coupons have been applied. Western Digital Store members receive free standard shipping on all eligible orders. Free standard shipping applies to purchases delivered within Sweden. Western Digital reserves the right to change or discontinue these terms at any time without notice.
Details & Exclusions
Offer valid on qualifying products listed here and purchased online through the Western Digital Store. Offer limited to a maximum of 5 SKUs of the same product per customer. Retailers, Resellers, Distributors and Western Digital Business customers are excluded from this promotion. The offer has no cash value, is not applicable for any prior purchases and may not be available in all regions of the world. Western Digital reserves the right to change or discontinue this offer at any time without notice. This promotion is valid between 9th February 2022 and 9th August 2022.
IntelliFlash Web-Based Management Interface Information Vulnerability Disclosure
WDC Tracking Number: WDC-19008 Published: June 6, 2019
Last Updated: June 6, 2019
Description
A vulnerability in the IntelliFlash System Management Console could allow an authenticated admin-privileged account to retrieve sensitive information.
Affected Products
This vulnerability affects IntelliFlash OS software versions from 3.7.0 up to and including 3.9.1 running on IntelliFlash All-Flash and Hybrid Storage Arrays, including HA, T-3xxx and T-4xxx series, HD-series and N-series systems.
Western Digital is releasing software updates to address the vulnerability.
Product Impact
Minimum Fix Version
Last Updated
IntelliFlash OS software
IF OS version 3.9.2
June 6, 2019
Update Availability
IntelliFlash OS Releases 3.9.2.x and 3.10.x address the vulnerability. Early availability for these OS releases is scheduled for June 30, 2019.
Customers may only download software for which they have a valid service agreement procured from Western Digital directly, or through a Western Digital authorized reseller or partner. In most cases, this will be a maintenance upgrade to software that was previously licensed. Security software updates do not entitle customers to a new service agreement or software license, additional software feature sets, or major revision upgrades.
Upgrade instructions and release notes will be made available from the Customer Support Community. The software is available for download from the IntelliFlash array via the software upgrade server. If the array requires a manual upgrade, contact IntelliFlash Support to obtain the upgrade files.
Customers who purchased directly from Western Digital or previously from Tegile but do not hold a Western Digital service contract should obtain upgrades by contacting IntelliFlash Technical Support.
Advisory Summary
The IntelliFlash web-based management interface improperly sends third-party system usernames and passwords to authenticated users of the interface. While the information sent is not displayed in the interface, it is present, and an authenticated administrator of the array could exploit this vulnerability by inspecting the source of the web-based management interface. A successful exploit would allow the retrieval of these usernames and passwords from the array.
Exposed System Credentials
VMWare: vCenter admin credential (R/W)
SNMP: monitoring IFA (Read only)
SMTP: user email account for sending notifications and the call home feature (R/W)
Windows Servers: Machine user credential for the Windows Server TDPS plug-in used for quiesced IF arrays snapshots
Mitigations
While only an authenticated admin should have access to the IntelliFlash System Management Console, to mitigate the vulnerability, ensure that admin access to IntelliFlash is limited to admins who are authorized to access credentials to the exposed systems identified above.
CVE Number:CVE-2019-6464 Reported by: Thiago Campos of Bishop Fox