RAID Controller
CVEs (20)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-4324 | | | 0.00 | — | 0.00 | | Aug 15, 2023 | Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers |
| CVE-2023-4325 | | | 0.00 | — | 0.00 | | Aug 15, 2023 | Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities |
| CVE-2023-4326 | | | 0.00 | — | 0.00 | | Aug 15, 2023 | Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites |
| CVE-2023-4327 | | | 0.00 | — | 0.00 | | Aug 15, 2023 | Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux |
| CVE-2023-4328 | | | 0.00 | — | 0.00 | | Aug 15, 2023 | Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Windows |
| CVE-2023-4329 | | | 0.00 | — | 0.00 | | Aug 15, 2023 | Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute |
| CVE-2023-4331 | | | 0.00 | — | 0.00 | | Aug 15, 2023 | Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocols |
| CVE-2023-4332 | | | 0.00 | — | 0.00 | | Aug 15, 2023 | Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file |
| CVE-2023-4333 | | | 0.00 | — | 0.00 | | Aug 15, 2023 | Broadcom RAID Controller web interface doesn’t enforce SSL cipher ordering by server |
| CVE-2023-4334 | | | 0.00 | — | 0.00 | | Aug 15, 2023 | Broadcom RAID Controller Web server (nginx) is serving private files without any authentication |
| CVE-2023-4336 | | | 0.00 | — | 0.00 | | Aug 15, 2023 | Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute |
| CVE-2023-4337 | | | 0.00 | — | 0.00 | | Aug 15, 2023 | Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation |
| CVE-2023-4338 | | | 0.00 | — | 0.00 | | Aug 15, 2023 | Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers |
| CVE-2023-4339 | | | 0.00 | — | 0.00 | | Aug 15, 2023 | Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions |
| CVE-2023-4340 | | | 0.00 | — | 0.00 | | Aug 15, 2023 | Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file |
| CVE-2023-4341 | | | 0.00 | — | 0.00 | | Aug 15, 2023 | Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI |
| CVE-2023-4342 | | | 0.00 | — | 0.00 | | Aug 15, 2023 | Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy |
| CVE-2023-4343 | | | 0.00 | — | 0.00 | | Aug 15, 2023 | Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter |
| CVE-2023-4323 | | | 0.00 | — | 0.00 | | Aug 15, 2023 | Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup |
| CVE-2023-4345 | | | 0.00 | — | 0.00 | | Aug 15, 2023 | Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user |