Broadcom RAID Controller Web UI SESSIONID cookie SameSite missing
CVE-2023-4329 Published on August 15, 2023

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute

NVD

Products Associated with CVE-2023-4329

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-4329 are published in these products:

Broadcom Raid Controller Web Interface

Broadcom Lsi Storage Authority

Intel Raid Web Console 3

Affected Versions

Broadcom LSI Storage Authority (LSA):

Before 7.017.011.000 is affected.

Intel RAID Web Console 3 (RWC3):

Before 7.017.011.000 is affected.

broadcom lsi_storage_authority:

Before 7.017.011.000 is affected.

intel raid_web_console_3:

Before 7.017.011.000 is affected.

Exploit Probability

EPSS

0.09%

Percentile

24.61%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Broadcom RAID Controller Web UI SESSIONID cookie SameSite missingCVE-2023-4329 Published on August 15, 2023

Products Associated with CVE-2023-4329

Affected Versions

Exploit Probability

Broadcom RAID Controller Web UI SESSIONID cookie SameSite missing
CVE-2023-4329 Published on August 15, 2023