CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4340 – Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file
https://notcve.org/view.php?id=CVE-2023-4340
Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file • https://www.broadcom.com/support/resources/product-security-center •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4341 – Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI
https://notcve.org/view.php?id=CVE-2023-4341
Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI • https://www.broadcom.com/support/resources/product-security-center •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4342 – Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy
https://notcve.org/view.php?id=CVE-2023-4342
Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy • https://www.broadcom.com/support/resources/product-security-center •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4343 – Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter
https://notcve.org/view.php?id=CVE-2023-4343
Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter • https://www.broadcom.com/support/resources/product-security-center •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4344 – Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection
https://notcve.org/view.php?id=CVE-2023-4344
Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection • https://www.broadcom.com/support/resources/product-security-center • CWE-330: Use of Insufficiently Random Values CWE-331: Insufficient Entropy •