📦 Raid Controller Web Interface
by Broadcom
⚠️ Known Vulnerabilities
CVE-2023-4329 is a critical vulnerability in Broadcom RAID Controller web interfaces where the SESSIONID cookie lacks SameSite protection due to insecure HTTP defaults. This allows attackers to perfor...
CVE-2023-4336 exposes Broadcom RAID Controller web interfaces to session hijacking attacks because HTTP cookies lack the Secure attribute, allowing them to be transmitted over unencrypted connections....
CVE-2023-4338 is a critical vulnerability in Broadcom RAID Controller web interfaces where insecure HTTP configurations lack X-Content-Type-Options headers, enabling MIME type sniffing attacks. This a...
CVE-2023-4340 is a privilege escalation vulnerability in Broadcom RAID Controller software where session information printed in log files can be exploited to gain elevated privileges. This affects sys...
CVE-2023-4342 is a vulnerability in Broadcom RAID Controller web interfaces where insecure default configurations lack HTTP Strict Transport Security (HSTS) policies. This allows attackers to perform ...
This vulnerability in Broadcom RAID Controller web interface allows attackers to predict SSL/TLS session keys due to insufficient randomness when establishing CIM connections. This affects systems usi...
CVE-2023-4323 is a critical vulnerability in Broadcom RAID Controller web interfaces that allows improper session management, potentially enabling attackers to hijack active administrative sessions. T...
This vulnerability affects Broadcom RAID Controller web interfaces using a vulnerable version of the libcurl library. Attackers could potentially execute arbitrary code or cause denial of service on affec...
Broadcom RAID Controller web interface uses insecure default TLS configurations that support obsolete and vulnerable TLS protocols. This allows attackers to perform man-in-the-middle attacks, decrypt ...
The Broadcom RAID Controller Web server (nginx) exposes private files without requiring authentication. This vulnerability allows unauthorized users to access sensitive system files. Organizations usi...