Broadcom Raid Controller Web Interface
By the Year
In 2024 there have been 0 vulnerabilities in Broadcom Raid Controller Web Interface. Last year Raid Controller Web Interface had 22 security vulnerabilities published. Right now, Raid Controller Web Interface is on track to have fewer security vulnerabilities in 2024 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 22 | 8.37 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Raid Controller Web Interface vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent Broadcom Raid Controller Web Interface Security Vulnerabilities
Broadcom RAID Controller web interface has an insecure default TLS configuration
CVE-2023-4331
7.5 - High
- August 15, 2023
Broadcom RAID Controller web interface has an insecure default TLS configuration that supports obsolete and vulnerable TLS protocols
Use of a Broken or Risky Cryptographic Algorithm
Broadcom RAID Controller web interface doesn't enforce SSL cipher ordering by server
CVE-2023-4333
5.5 - Medium
- August 15, 2023
Broadcom RAID Controller web interface doesn't enforce SSL cipher ordering by server
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux
CVE-2023-4327
5.5 - Medium
- August 15, 2023
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Windows
CVE-2023-4328
5.5 - Medium
- August 15, 2023
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Windows
Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup
CVE-2023-4323
9.8 - Critical
- August 15, 2023
Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup
Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers
CVE-2023-4324
9.8 - Critical
- August 15, 2023
Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers
Broadcom RAID Controller web interface is vulnerable because the Libcurl used with LSA has known vulnerabilities
CVE-2023-4325
9.8 - Critical
- August 15, 2023
Broadcom RAID Controller web interface is vulnerable because the Libcurl used with LSA has known vulnerabilities
Broadcom RAID Controller web interface has an insecure default TLS configuration
CVE-2023-4326
7.5 - High
- August 15, 2023
Broadcom RAID Controller web interface has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites
Use of a Broken or Risky Cryptographic Algorithm
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration
CVE-2023-4329
9.8 - Critical
- August 15, 2023
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute
** REJECT ** Broadcom were unable to duplicate the attack as described by Intel DCG Team.
CVE-2023-4330
- August 15, 2023
** REJECT ** Broadcom were unable to duplicate the attack as described by Intel DCG Team.
Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection
CVE-2023-4344
9.8 - Critical
- August 15, 2023
Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection
Use of Insufficiently Random Values
Broadcom RAID Controller web interface is vulnerable due to improper permissions on the log file
CVE-2023-4332
7.5 - High
- August 15, 2023
Broadcom RAID Controller web interface is vulnerable due to improper permissions on the log file
Incorrect Permission Assignment for Critical Resource
Broadcom RAID Controller Web server (nginx) is serving private files without any authentication
CVE-2023-4334
7.5 - High
- August 15, 2023
Broadcom RAID Controller Web server (nginx) is serving private files without any authentication
Missing Authentication for Critical Function
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration
CVE-2023-4336
9.8 - Critical
- August 15, 2023
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute
Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation
CVE-2023-4337
9.8 - Critical
- August 15, 2023
Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration
CVE-2023-4338
9.8 - Critical
- August 15, 2023
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers
Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions
CVE-2023-4339
7.5 - High
- August 15, 2023
Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions
Broadcom RAID Controller is vulnerable to privilege escalation by taking advantage of the session prints in the log file
CVE-2023-4340
9.8 - Critical
- August 15, 2023
Broadcom RAID Controller is vulnerable to privilege escalation by taking advantage of the session prints in the log file
Broadcom RAID Controller is vulnerable to privilege escalation to root due to creation of insecure folders by Web GUI
CVE-2023-4341
9.8 - Critical
- August 15, 2023
Broadcom RAID Controller is vulnerable to privilege escalation to root due to creation of insecure folders by Web GUI
Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy
CVE-2023-4342
9.8 - Critical
- August 15, 2023
Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy
Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter
CVE-2023-4343
7.5 - High
- August 15, 2023
Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter
Broadcom RAID Controller web interface is vulnerable to a client-side control bypass that leads to unauthorized data access for a low-privileged user
CVE-2023-4345
6.5 - Medium
- August 15, 2023
Broadcom RAID Controller web interface is vulnerable to a client-side control bypass that leads to unauthorized data access for a low-privileged user