Broadcom RAID Controller Web UI: Insecure TLS with SHA1 Ciphersuites
CVE-2023-4326 Published on August 15, 2023
Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites
Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites
Weakness Type
Use of a Broken or Risky Cryptographic Algorithm
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information. The use of a non-standard algorithm is dangerous because a determined attacker may be able to break the algorithm and compromise whatever data has been protected. Well-known techniques may exist to break the algorithm.
Products Associated with CVE-2023-4326
stack.watch emails you whenever new vulnerabilities are published in Broadcom Raid Controller Web Interface or Broadcom Lsi Storage Authority. Just hit a watch button to start following.
Affected Versions
Broadcom LSI Storage Authority (LSA):- Before 7.017.011.000 is affected.
- Version 0 is affected.
- Before 7.017.011.000 is affected.
- Version 0 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.