Lucene search
HistoryAug 15, 2023 - 6:15 p.m.
CVE-2023-4345
broadcom
raid controller
web interface
client-side
control bypass
vulnerability
nvd
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.4 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
18.3%
Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user
Affected configurations
Node
broadcomraid_controller_web_interfaceMatch51.12.0-2779
| CPE | Name | Operator | Version |
|---|---|---|---|
| broadcom:raid_controller_web_interface | broadcom raid controller web interface | eq | 51.12.0-2779 |
CNA Affected
[
{
"defaultStatus": "affected",
"product": "LSI Storage Authority (LSA)",
"vendor": "Broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAID Web Console 3 (RWC3)",
"vendor": "Intel",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2023-08-15 18:15:00
nvd
nvd
CVE-2023-4345
2023-08-15 18:15:10
cvelist
cvelist
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.4 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
18.3%
Related for CVE-2023-4345