Vulnerabilities > Broadcom > Raid Controller WEB Interface > High

DATE CVE VULNERABILITY TITLE RISK
2023-08-15 CVE-2023-4326 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Broadcom Raid Controller web Interface 51.12.02779
Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites
network
low complexity
broadcom CWE-327
7.5
2023-08-15 CVE-2023-4331 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Broadcom Raid Controller web Interface 51.12.02779
Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocols
network
low complexity
broadcom CWE-327
7.5
2023-08-15 CVE-2023-4332 Incorrect Permission Assignment for Critical Resource vulnerability in Broadcom Raid Controller web Interface 51.12.02779
Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file
network
low complexity
broadcom CWE-732
7.5
2023-08-15 CVE-2023-4334 Missing Authentication for Critical Function vulnerability in Broadcom Raid Controller web Interface 51.12.02779
Broadcom RAID Controller Web server (nginx) is serving private files without any authentication
network
low complexity
broadcom CWE-306
7.5
2023-08-15 CVE-2023-4335 Missing Authentication for Critical Function vulnerability in Broadcom Raid Controller web Interface 51.12.02779
Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux
network
low complexity
broadcom CWE-306
7.5
2023-08-15 CVE-2023-4339 Unspecified vulnerability in Broadcom Raid Controller web Interface 51.12.02779
Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions
network
low complexity
broadcom
7.5
2023-08-15 CVE-2023-4343 Unspecified vulnerability in Broadcom Raid Controller web Interface 51.12.02779
Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter
network
low complexity
broadcom
7.5