CVE-2023-4340 Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file

Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file...

CVE-2023-4340

Summary: CVE-2023-4340 affects the Broadcom RAID Controller, enabling privilege escalation by exploiting how session prints are logged. The vulnerability description appears consistently across initial and connected records (Red Hat, NVD, CNNVD, CVE listing). Affected product/area: Broadcom RAID ...

Broadcom RAID Controller Security Vulnerability

The Broadcom RAID Controller is a series of RAID controllers from Broadcom Corporation USA. A security vulnerability exists in the Broadcom RAID Controller that stems from a misconfiguration of permissions in the web interface's log file, which makes the product susceptible to attack...

PT-2023-28819 · Broadcom · Broadcom Raid Controller

Name of the Vulnerable Software and Affected Versions: Broadcom RAID Controller affected versions not specified Description: The issue concerns a privilege escalation vulnerability in the Broadcom RAID Controller. It can be exploited by taking advantage of the session prints in the log file...

PT-2023-28776 · Broadcom · Broadcom Raid Controller

Name of the Vulnerable Software and Affected Versions: Broadcom RAID Controller affected versions not specified Description: The Broadcom RAID Controller web interface is vulnerable due to improper permissions on the log file. This issue may allow unauthorized access or exploitation. There is no...

CVE-2023-3953

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause memory corruption when an authenticated user opens a tampered log file from GP-Pro EX...

CVE-2023-3953

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause memory corruption when an authenticated user opens a tampered log file from GP-Pro EX...

Design/Logic Flaw

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause memory corruption when an authenticated user opens a tampered log file from GP-Pro EX...

CVE-2023-3953

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause memory corruption when an authenticated user opens a tampered log file from GP-Pro EX...

CVE-2023-3953

The CVE-2023-3953 entry concerns Schneider Electric Pro-face GP-Pro EX. A memory buffer overflow due to improper manipulation of memory buffer bounds can cause memory corruption when an authenticated user opens a tampered log file from GP-Pro EX. Connected sources (CNVD-2023-64088 and PT-2023-419...

CVE-2023-3953

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause memory corruption when an authenticated user opens a tampered log file from GP-Pro EX...

CVE-2023-36900

Windows Common Log File System Driver Elevation of Privilege Vulnerability...

CVE-2023-36900

Windows Common Log File System Driver Elevation of Privilege Vulnerability...

CVE-2023-36900

Windows Common Log File System Driver Elevation of Privilege Vulnerability...

Privilege escalation

Windows Common Log File System Driver Elevation of Privilege Vulnerability...

CVE-2023-36900 Windows Common Log File System Driver Elevation of Privilege Vulnerability

...

CVE-2023-36900

CVE-2023-36900 affects the Windows Common Log File System (CLFS) driver, enabling Elevation of Privilege via an integer overflow/wraparound vulnerability. The connected exploit repository documents a PoC labeled as an exploit for an Integer Overflow or Wraparound in Microsoft CLFS, with a Denial-...

Nextcloud: user_ldap app logs user passwords in the log file on level debug

User passwords were logged in Nextcloud application logs when using LDAP authentication and debug log level settings...

Windows Common Log File System Driver Elevation of Privilege Vulnerability

...

Microsoft Windows Common Log File System Driver Security Vulnerability

The Microsoft Windows Common Log File System Driver is Microsoft's Common Log File System CLFS API that provides a high-performance, general-purpose log file subsystem that can be used by specialized client applications and shared by multiple clients to optimize logging and access. access. A...