Broadcom Raid Controller Web Interface

Do you want an email whenever new security vulnerabilities are reported in Broadcom Raid Controller Web Interface?

By the Year

In 2024 there have been 0 vulnerabilities in Broadcom Raid Controller Web Interface . Last year Raid Controller Web Interface had 19 security vulnerabilities published. Right now, Raid Controller Web Interface is on track to have less security vulnerabilities in 2024 than it did last year.

Year	Vulnerabilities	Average Score
2024	0	0.00
2023	19	8.85
2022	0	0.00
2021	0	0.00
2020	0	0.00
2019	0	0.00
2018	0	0.00

It may take a day or so for new Raid Controller Web Interface vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Broadcom Raid Controller Web Interface Security Vulnerabilities

Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter

CVE-2023-4343 7.5 - High - August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter

Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup

CVE-2023-4323 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup

Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers

CVE-2023-4324 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers

Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities

CVE-2023-4325 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities

Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration

CVE-2023-4326 7.5 - High - August 15, 2023

Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites

Use of a Broken or Risky Cryptographic Algorithm

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration

CVE-2023-4329 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute

REJECT Broadcom were unable to duplicate the attack as described by Intel DCG Team.

CVE-2023-4330 - August 15, 2023

** REJECT ** Broadcom were unable to duplicate the attack as described by Intel DCG Team.

Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration

CVE-2023-4331 7.5 - High - August 15, 2023

Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocols

Use of a Broken or Risky Cryptographic Algorithm

Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file

CVE-2023-4332 7.5 - High - August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file

Incorrect Permission Assignment for Critical Resource

Broadcom RAID Controller Web server (nginx) is serving private files without any authentication

CVE-2023-4334 7.5 - High - August 15, 2023

Broadcom RAID Controller Web server (nginx) is serving private files without any authentication

Missing Authentication for Critical Function

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration

CVE-2023-4336 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute

Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation

CVE-2023-4337 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration

CVE-2023-4338 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers

Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions

CVE-2023-4339 7.5 - High - August 15, 2023

Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions

Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file

CVE-2023-4340 9.8 - Critical - August 15, 2023

Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file

Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI

CVE-2023-4341 9.8 - Critical - August 15, 2023

Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI

Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy

CVE-2023-4342 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy

Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection

CVE-2023-4344 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection

Use of Insufficiently Random Values

Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user

CVE-2023-4345 6.5 - Medium - August 15, 2023

Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Broadcom Raid Controller Web Interface or by Broadcom? Click the Watch button to subscribe.

Broadcom
Vendor

Broadcom Raid Controller Web Interface
Product

Broadcom Raid Controller Web Interface

By the Year

Recent Broadcom Raid Controller Web Interface Security Vulnerabilities

Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter CVE-2023-4343 7.5 - High - August 15, 2023

Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup CVE-2023-4323 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers CVE-2023-4324 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities CVE-2023-4325 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration CVE-2023-4326 7.5 - High - August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration CVE-2023-4329 9.8 - Critical - August 15, 2023

** REJECT ** Broadcom were unable to duplicate the attack as described by Intel DCG Team. CVE-2023-4330 - August 15, 2023

Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration CVE-2023-4331 7.5 - High - August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file CVE-2023-4332 7.5 - High - August 15, 2023

Broadcom RAID Controller Web server (nginx) is serving private files without any authentication CVE-2023-4334 7.5 - High - August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration CVE-2023-4336 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation CVE-2023-4337 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration CVE-2023-4338 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions CVE-2023-4339 7.5 - High - August 15, 2023

Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file CVE-2023-4340 9.8 - Critical - August 15, 2023

Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI CVE-2023-4341 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy CVE-2023-4342 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection CVE-2023-4344 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user CVE-2023-4345 6.5 - Medium - August 15, 2023