Raid Controller Web Interface Broadcom Raid Controller Web Interface

Do you want an email whenever new security vulnerabilities are reported in Broadcom Raid Controller Web Interface?

By the Year

In 2024 there have been 0 vulnerabilities in Broadcom Raid Controller Web Interface . Last year Raid Controller Web Interface had 22 security vulnerabilities published. Right now, Raid Controller Web Interface is on track to have less security vulnerabilities in 2024 than it did last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 22 8.37
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Raid Controller Web Interface vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Broadcom Raid Controller Web Interface Security Vulnerabilities

Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration

CVE-2023-4331 7.5 - High - August 15, 2023

Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocols

Use of a Broken or Risky Cryptographic Algorithm

Broadcom RAID Controller web interface doesnt enforce SSL cipher ordering by server

CVE-2023-4333 5.5 - Medium - August 15, 2023

Broadcom RAID Controller web interface doesnt enforce SSL cipher ordering by server

Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux

CVE-2023-4327 5.5 - Medium - August 15, 2023

Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux

Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Windows

CVE-2023-4328 5.5 - Medium - August 15, 2023

Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Windows

Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup

CVE-2023-4323 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup

Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers

CVE-2023-4324 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers

Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities

CVE-2023-4325 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities

Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration

CVE-2023-4326 7.5 - High - August 15, 2023

Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites

Use of a Broken or Risky Cryptographic Algorithm

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration

CVE-2023-4329 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute

** REJECT ** Broadcom were unable to duplicate the attack as described by Intel DCG Team.

CVE-2023-4330 - August 15, 2023

** REJECT ** Broadcom were unable to duplicate the attack as described by Intel DCG Team.

Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection

CVE-2023-4344 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection

Use of Insufficiently Random Values

Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file

CVE-2023-4332 7.5 - High - August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file

Incorrect Permission Assignment for Critical Resource

Broadcom RAID Controller Web server (nginx) is serving private files without any authentication

CVE-2023-4334 7.5 - High - August 15, 2023

Broadcom RAID Controller Web server (nginx) is serving private files without any authentication

Missing Authentication for Critical Function

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration

CVE-2023-4336 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute

Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation

CVE-2023-4337 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration

CVE-2023-4338 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers

Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions

CVE-2023-4339 7.5 - High - August 15, 2023

Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions

Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file

CVE-2023-4340 9.8 - Critical - August 15, 2023

Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file

Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI

CVE-2023-4341 9.8 - Critical - August 15, 2023

Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI

Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy

CVE-2023-4342 9.8 - Critical - August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy

Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter

CVE-2023-4343 7.5 - High - August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter

Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user

CVE-2023-4345 6.5 - Medium - August 15, 2023

Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Broadcom Raid Controller Web Interface or by Broadcom? Click the Watch button to subscribe.

Broadcom
Vendor

subscribe