Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2023-08-15	CVE-2023-4344	Use of Insufficiently Random Values vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection network low complexity broadcom CWE-330 critical	9.8
2023-08-15	CVE-2023-4342	Unspecified vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy network low complexity broadcom critical	9.8
2023-08-15	CVE-2023-4341	Unspecified vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI network low complexity broadcom critical	9.8
2023-08-15	CVE-2023-4340	Unspecified vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file network low complexity broadcom critical	9.8
2023-08-15	CVE-2023-4338	Unspecified vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers network low complexity broadcom critical	9.8
2023-08-15	CVE-2023-4337	Unspecified vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation network low complexity broadcom critical	9.8
2023-08-15	CVE-2023-4336	Unspecified vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute network low complexity broadcom critical	9.8
2023-08-15	CVE-2023-4329	Unspecified vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute network low complexity broadcom critical	9.8
2023-08-15	CVE-2023-4325	Unspecified vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities network low complexity broadcom critical	9.8
2023-08-15	CVE-2023-4324	Unspecified vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers network low complexity broadcom critical	9.8