CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-4335 – Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux
https://notcve.org/view.php?id=CVE-2023-4335
Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux Broadcom RAID Controller Web server (nginx) está sirviendo archivos privados del lado del servidor sin ninguna autenticación en Linux. • https://www.broadcom.com/support/resources/product-security-center • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4336 – Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute
https://notcve.org/view.php?id=CVE-2023-4336
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute La interfaz web de Broadcom RAID Controller es vulnerable debido a una configuración HTTP insegura por defecto que no protege las cookies con el atributo "Secure". • https://www.broadcom.com/support/resources/product-security-center •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4337 – Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation
https://notcve.org/view.php?id=CVE-2023-4337
Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation La interfaz web de Broadcom RAID Controller es vulnerable a la gestión inadecuada de sesiones de servidores gestionados en la instalación de la puerta de enlace. • https://www.broadcom.com/support/resources/product-security-center •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4338 – Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers
https://notcve.org/view.php?id=CVE-2023-4338
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers • https://www.broadcom.com/support/resources/product-security-center •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4339 – Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions
https://notcve.org/view.php?id=CVE-2023-4339
Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions • https://www.broadcom.com/support/resources/product-security-center •