
CVE-2023-4324 – Broadcom RAID Controller web interface is vulnerable due to insecure defaults that lack HTTP Content-Security-Policy headers
https://notcve.org/view.php?id=CVE-2023-4324
15 Aug 2023 — Broadcom RAID Controller web interface is vulnerable due to insecure defaults that lack HTTP Content-Security-Policy headers. • https://www.broadcom.com/support/resources/product-security-center

CVE-2023-4325 – Broadcom RAID Controller web interface is vulnerable because the Libcurl used with LSA has known vulnerabilities
https://notcve.org/view.php?id=CVE-2023-4325
15 Aug 2023 — Broadcom RAID Controller web interface is vulnerable because the Libcurl used with LSA has known vulnerabilities. • https://www.broadcom.com/support/resources/product-security-center

CVE-2023-4326 – Broadcom RAID Controller web interface has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites
https://notcve.org/view.php?id=CVE-2023-4326
15 Aug 2023 — Broadcom RAID Controller web interface has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites. • https://www.broadcom.com/support/resources/product-security-center • CWE-327: Use of a Broken or Risky Cryptographic Algorithm

CVE-2023-4327 – Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux
https://notcve.org/view.php?id=CVE-2023-4327
15 Aug 2023 — Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux. • https://www.broadcom.com/support/resources/product-security-center • CWE-522: Insufficiently Protected Credentials

CVE-2023-4328 – Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux
https://notcve.org/view.php?id=CVE-2023-4328
15 Aug 2023 — Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Windows. • https://www.broadcom.com/support/resources/product-security-center • CWE-522: Insufficiently Protected Credentials

CVE-2023-4329 – Broadcom RAID Controller web interface is vulnerable due to an insecure default HTTP configuration that does not safeguard the SESSIONID cookie with the SameSite attribute
https://notcve.org/view.php?id=CVE-2023-4329
15 Aug 2023 — Broadcom RAID Controller web interface is vulnerable due to an insecure default HTTP configuration that does not safeguard the SESSIONID cookie with the SameSite attribute. • https://www.broadcom.com/support/resources/product-security-center

CVE-2023-4331 – Broadcom RAID Controller web interface has an insecure default TLS configuration that supports obsolete and vulnerable TLS protocols
https://notcve.org/view.php?id=CVE-2023-4331
15 Aug 2023 — Broadcom RAID Controller web interface has an insecure default TLS configuration that supports obsolete and vulnerable TLS protocols. • https://www.broadcom.com/support/resources/product-security-center • CWE-327: Use of a Broken or Risky Cryptographic Algorithm

CVE-2023-4332 – Broadcom RAID Controller web interface is vulnerable due to improper permissions on the log file
https://notcve.org/view.php?id=CVE-2023-4332
15 Aug 2023 — Broadcom RAID Controller web interface is vulnerable due to improper permissions on the log file. • https://www.broadcom.com/support/resources/product-security-center • CWE-732: Incorrect Permission Assignment for Critical Resource

CVE-2023-4333 – Broadcom RAID Controller web interface doesn’t enforce SSL cipher ordering by server
https://notcve.org/view.php?id=CVE-2023-4333
15 Aug 2023 — Broadcom RAID Controller web interface doesn’t enforce SSL cipher ordering by server. • https://www.broadcom.com/support/resources/product-security-center • CWE-326: Inadequate Encryption Strength

CVE-2023-4334 – Broadcom RAID Controller Web server (nginx) is serving private files without any authentication
https://notcve.org/view.php?id=CVE-2023-4334
15 Aug 2023 — Broadcom RAID Controller Web server (nginx) is serving private files without any authentication. • https://www.broadcom.com/support/resources/product-security-center • CWE-306: Missing Authentication for Critical Function