121 matches found
CVE-2023-4337
CVE-2023-4337 affects the Broadcom RAID Controller web interface. The vulnerability arises from improper session handling of gateway-installed managed servers. Based on NVD metrics, it is a CRITICAL issue (CVSS v3.1: 9.8) with network access, no user interaction required, and high impact to confi...
CVE-2023-4345
Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user...
CVE-2023-4345
Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user...
Design/Logic Flaw
Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user...
CVE-2023-4345 Broadcom RAID Controller web interface is vulnerable client-side control bypass
Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user...
CVE-2023-4345 Broadcom RAID Controller web interface is vulnerable client-side control bypass
Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user...
Broadcom RAID Controller Encryption Issue Vulnerability
The Broadcom RAID Controller is a series of RAID controllers from Broadcom Corporation USA. A security vulnerability exists in the Broadcom RAID Controller that stems from the web interface's TLS configuration supporting an outdated SHA1 cipher suite, rendering the product susceptible to attack...
PT-2023-28742 · Broadcom · Broadcom Raid Controller
Name of the Vulnerable Software and Affected Versions: Broadcom RAID Controller affected versions not specified Description: The Broadcom RAID Controller web interface is vulnerable due to its usage of Libcurl with known vulnerabilities in LSA. Recommendations: At the moment, there is no...
PT-2023-28752 · Broadcom · Broadcom Raid Controller
Name of the Vulnerable Software and Affected Versions: Broadcom RAID Controller affected versions not specified Description: The Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data. The keys used for encryption are accessible to any local user on Linux...
PT-2023-28747 · Broadcom · Broadcom Raid Controller
Name of the Vulnerable Software and Affected Versions: Broadcom RAID Controller affected versions not specified Description: The Broadcom RAID Controller web interface has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites. This issue affects the default...
Broadcom RAID Controller Security Vulnerability
The Broadcom RAID Controller is a series of RAID controllers from Broadcom Corporation USA. A security vulnerability exists in the Broadcom RAID Controller, which stems from a web interface where sensitive password information is exposed as a search parameter in the URL, making the product...
Broadcom RAID Controller Encryption Issue Vulnerability
The Broadcom RAID Controller is a series of RAID controllers from Broadcom Corporation USA. A security vulnerability exists in the Broadcom RAID Controller that stems from the web interface's TLS configuration that supports an outdated TLS protocol, making the product vulnerable to attack...
Broadcom RAID Controller Security Vulnerability
Broadcom RAID Controller is a series of RAID controllers from Broadcom USA. A security vulnerability exists in the Broadcom RAID Controller, which stems from a security flaw in the web interface that allows any local user on Linux to access encryption keys, leading to the disclosure of sensitive...
PT-2023-28774 · Broadcom · Broadcom Raid Controller
Name of the Vulnerable Software and Affected Versions: Broadcom RAID Controller affected versions not specified Description: The Broadcom RAID Controller web interface has an insecure default TLS configuration that supports obsolete and vulnerable TLS protocols. Recommendations: At the moment,...
PT-2023-28819 · Broadcom · Broadcom Raid Controller
Name of the Vulnerable Software and Affected Versions: Broadcom RAID Controller affected versions not specified Description: The issue concerns a privilege escalation vulnerability in the Broadcom RAID Controller. It can be exploited by taking advantage of the session prints in the log file...
Broadcom RAID Controller Security Vulnerability
Broadcom RAID Controller is a series of RAID controllers from Broadcom USA. A security vulnerability exists in the Broadcom RAID Controller, which stems from a security flaw in the web interface that allows any local user on Windows to access encryption keys, leading to the disclosure of sensitiv...
Broadcom RAID Controller Security Vulnerability
The Broadcom RAID Controller is a series of RAID controllers from Broadcom Corporation USA. A security vulnerability exists in the Broadcom RAID Controller that stems from a lack of HTTP strict-transport-security policy in the web interface, which makes the product vulnerable to attack...
PT-2023-28822 · Broadcom · Broadcom Raid Controller
Name of the Vulnerable Software and Affected Versions: Broadcom RAID Controller affected versions not specified Description: The Broadcom RAID Controller web interface is vulnerable due to the exposure of sensitive password information in the URL as a URL search parameter. Recommendations: At the...
PT-2023-28776 · Broadcom · Broadcom Raid Controller
Name of the Vulnerable Software and Affected Versions: Broadcom RAID Controller affected versions not specified Description: The Broadcom RAID Controller web interface is vulnerable due to improper permissions on the log file. This issue may allow unauthorized access or exploitation. There is no...
PT-2023-28737 · Broadcom · Broadcom Raid Controller
Name of the Vulnerable Software and Affected Versions: Broadcom RAID Controller affected versions not specified Description: The Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup. Recommendations: At the moment, there is no...