Vulnerabilities > Broadcom > Raid Controller WEB Interface > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-15 | CVE-2023-4326 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites | 7.5 |
2023-08-15 | CVE-2023-4331 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocols | 7.5 |
2023-08-15 | CVE-2023-4332 | Incorrect Permission Assignment for Critical Resource vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file | 7.5 |
2023-08-15 | CVE-2023-4334 | Missing Authentication for Critical Function vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller Web server (nginx) is serving private files without any authentication | 7.5 |
2023-08-15 | CVE-2023-4335 | Missing Authentication for Critical Function vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux | 7.5 |
2023-08-15 | CVE-2023-4339 | Unspecified vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions | 7.5 |
2023-08-15 | CVE-2023-4343 | Unspecified vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter | 7.5 |