Broadcom RAID Ctrl Web UI insecure TLS config supports obsolete protocols
CVE-2023-4331 Published on August 15, 2023

Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocols
Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocols

NVD

Weakness Type

Use of a Broken or Risky Cryptographic Algorithm

The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information. The use of a non-standard algorithm is dangerous because a determined attacker may be able to break the algorithm and compromise whatever data has been protected. Well-known techniques may exist to break the algorithm.


Products Associated with CVE-2023-4331

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-4331 are published in these products:

Broadcom Raid Controller Web Interface
 
Broadcom Lsi Storage Authority
 
Intel Raid Web Console 3
 

Affected Versions

Broadcom LSI Storage Authority (LSA): Intel RAID Web Console 3 (RWC3): broadcom lsi_storage_authority: intel raid_web_console_3:

Exploit Probability

EPSS
0.04%
Percentile
11.01%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.