CVE-2023-4331 Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocols

🗓️ 15 Aug 2023 18:25:37Reported by certccType

Broadcom RAID Controller web interface vulnerable to insecure default TLS configuration

Reporter	Title	Published	Views	Family All 10
CNNVD	Broadcom RAID Controller Encryption Issue Vulnerability	15 Aug 202300:00	–	cnnvd
CVE	CVE-2023-4331	15 Aug 202318:25	–	cve
EUVD	EUVD-2023-54196	3 Oct 202520:07	–	euvd
Intel	Intel® RAID Web Console Software Advisory	10 Sep 202400:00	–	intel
NVD	CVE-2023-4331	15 Aug 202319:15	–	nvd
OSV	CVE-2023-4331	15 Aug 202319:15	–	osv
Prion	Design/Logic Flaw	15 Aug 202319:15	–	prion
Positive Technologies	PT-2023-28774 · Broadcom · Broadcom Raid Controller	15 Aug 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-4331	9 Jan 202612:31	–	redhatcve
Vulnrichment	CVE-2023-4331 Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocols	15 Aug 202318:25	–	vulnrichment

[
  {
    "vendor": "Broadcom",
    "product": "LSI Storage Authority (LSA)",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThan": "7.017.011.000",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Intel",
    "product": "RAID Web Console 3 (RWC3)",
    "defaultStatus": "unaffected",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThan": "7.017.011.000",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
broadcom	www.broadcom.com/support/resources/product-security-center

05 Sep 2024 21:55Current

7.8High risk

Vulners AI Score7.8

EPSS0.00061

CWE-327