Broadcom RAID Controller Missing CSP Header Enables XSS
CVE-2023-4324 Published on August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers
Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers

NVD

Products Associated with CVE-2023-4324

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-4324 are published in these products:

Broadcom Raid Controller Web Interface

Broadcom Lsi Storage Authority

Intel Raid Web Console 3

Affected Versions

Broadcom LSI Storage Authority (LSA):

Before 7.017.011.000 is affected.

Intel RAID Web Console 3 (RWC3):

Before 7.017.011.000 is affected.

broadcom lsi_storage_authority:

Before 7.017.011.000 is affected.

intel raid_web_console_3:

Before 7.017.011.000 is affected.

Exploit Probability

EPSS

0.09%

Percentile

24.59%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Broadcom RAID Controller Missing CSP Header Enables XSSCVE-2023-4324 Published on August 15, 2023

Products Associated with CVE-2023-4324

Affected Versions

Exploit Probability

Broadcom RAID Controller Missing CSP Header Enables XSS
CVE-2023-4324 Published on August 15, 2023