CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4332 – Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file
https://notcve.org/view.php?id=CVE-2023-4332
Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file La interfaz web de Broadcom RAID Controller es vulnerable debido a permisos inadecuados en el archivo de registro. • https://www.broadcom.com/support/resources/product-security-center • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-4333 – Broadcom RAID Controller web interface doesn’t enforce SSL cipher ordering by server
https://notcve.org/view.php?id=CVE-2023-4333
Broadcom RAID Controller web interface doesn’t enforce SSL cipher ordering by server Broadcom RAID Controller Web Interface no aplica la orden de cifrado SSL por el servidor. • https://www.broadcom.com/support/resources/product-security-center • CWE-326: Inadequate Encryption Strength •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4334 – Broadcom RAID Controller Web server (nginx) is serving private files without any authentication
https://notcve.org/view.php?id=CVE-2023-4334
Broadcom RAID Controller Web server (nginx) is serving private files without any authentication Broadcom RAID Controller Web Server (nginx) está sirviendo archivos privados sin ninguna autenticación. • https://www.broadcom.com/support/resources/product-security-center • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-4335 – Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux
https://notcve.org/view.php?id=CVE-2023-4335
Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux Broadcom RAID Controller Web server (nginx) está sirviendo archivos privados del lado del servidor sin ninguna autenticación en Linux. • https://www.broadcom.com/support/resources/product-security-center • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4336 – Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute
https://notcve.org/view.php?id=CVE-2023-4336
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute La interfaz web de Broadcom RAID Controller es vulnerable debido a una configuración HTTP insegura por defecto que no protege las cookies con el atributo "Secure". • https://www.broadcom.com/support/resources/product-security-center •