Refine your search
33 vulnerabilities found for by broadcom
CVE-2025-24919 (GCVE-0-2025-24919)
Vulnerability from cvelistv5
Published
2025-06-13 21:48
Modified
2025-11-03 19:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-502 - Deserialization of Untrusted Data
Summary
A deserialization of untrusted input vulnerability exists in the cvhDecapsulateCmd functionality of Dell ControlVault3 prior to 5.15.10.14 and ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault response to a command can lead to arbitrary code execution. An attacker can compromise a ControlVault firmware and have it craft a malicious response to trigger this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Broadcom | BCM5820X |
Version: NA |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24919",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-17T03:55:11.821602Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T15:18:22.706Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:44:52.759Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2153"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "BCM5820X",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "NA"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ControlVault3",
"vendor": "Dell",
"versions": [
{
"lessThan": "5.15.10.14",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ControlVault3 Plus",
"vendor": "Dell",
"versions": [
{
"lessThan": "6.2.26.36",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Discovered by Philippe Laulheret of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA deserialization of untrusted input vulnerability exists in the cvhDecapsulateCmd functionality of Dell ControlVault3 prior to 5.15.10.14 and ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault response to a command can lead to arbitrary code execution. An attacker can compromise a ControlVault firmware and have it craft a malicious response to trigger this vulnerability.\u003cbr\u003e\u003cbr\u003e\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "A deserialization of untrusted input vulnerability exists in the cvhDecapsulateCmd functionality of Dell ControlVault3 prior to 5.15.10.14 and ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault response to a command can lead to arbitrary code execution. An attacker can compromise a ControlVault firmware and have it craft a malicious response to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-13T22:00:16.610Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000276106/dsa-2025-053"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Dell ControlVault3/ControlVault3 Plus deserialization of untrusted input vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2025-24919",
"datePublished": "2025-06-13T21:48:29.351Z",
"dateReserved": "2025-02-20T15:43:53.955Z",
"dateUpdated": "2025-11-03T19:44:52.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-25215 (GCVE-0-2025-25215)
Vulnerability from cvelistv5
Published
2025-06-13 21:26
Modified
2025-11-03 19:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-763 - Release of Invalid Pointer or Reference
Summary
An arbitrary free vulnerability exists in the cv_close functionality of
Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call
can lead to an arbitrary free. An attacker can forge a fake session to
trigger this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Broadcom | BCM5820X |
Version: NA |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-25215",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-17T18:13:19.069921Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T18:13:30.525Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:44:58.322Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2129"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "BCM5820X",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "NA"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ControlVault3",
"vendor": "Dell",
"versions": [
{
"lessThan": "5.15.10.14",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ControlVault3 Plus",
"vendor": "Dell",
"versions": [
{
"lessThan": "6.2.26.36",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Discovered by Philippe Laulheret of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An arbitrary free vulnerability exists in the cv_close functionality of \nDell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call \ncan lead to an arbitrary free. An attacker can forge a fake session to \ntrigger this vulnerability."
}
],
"value": "An arbitrary free vulnerability exists in the cv_close functionality of \nDell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call \ncan lead to an arbitrary free. An attacker can forge a fake session to \ntrigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-763",
"description": "CWE-763 Release of Invalid Pointer or Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-13T22:01:31.275Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000276106/dsa-2025-053"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Dell ControlVault3/ControlVault3 Plus cv_close arbitrary free vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2025-25215",
"datePublished": "2025-06-13T21:26:58.869Z",
"dateReserved": "2025-02-06T16:31:13.879Z",
"dateUpdated": "2025-11-03T19:44:58.322Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-25050 (GCVE-0-2025-25050)
Vulnerability from cvelistv5
Published
2025-06-13 21:03
Modified
2025-11-03 19:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
An out-of-bounds write vulnerability exists in the
cv_upgrade_sensor_firmware functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault 3 Plus prior to 6.2.26.36.
A specially crafted ControlVault API call can lead to an out-of-bounds
write. An attacker can issue an API call to trigger this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Broadcom | BCM5820X |
Version: NA |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-25050",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-17T03:55:10.750571Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T15:18:55.236Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:44:55.517Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2137"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "BCM5820X",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "NA"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ControlVault3",
"vendor": "Dell",
"versions": [
{
"lessThan": "5.15.10.14",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ControlVault3 Plus",
"vendor": "Dell",
"versions": [
{
"lessThan": "6.2.26.36",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Discovered by Philippe Laulheret of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn out-of-bounds write vulnerability exists in the \ncv_upgrade_sensor_firmware functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault 3 Plus prior to 6.2.26.36.\n A specially crafted ControlVault API call can lead to an out-of-bounds \nwrite. An attacker can issue an API call to trigger this vulnerability.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "An out-of-bounds write vulnerability exists in the \ncv_upgrade_sensor_firmware functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault 3 Plus prior to 6.2.26.36.\n A specially crafted ControlVault API call can lead to an out-of-bounds \nwrite. An attacker can issue an API call to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-13T21:03:18.087Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000276106/dsa-2025-053"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Dell ControlVault3/ControlVault3 Plus cv_upgrade_sensor_firmware out-of-bounds write vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2025-25050",
"datePublished": "2025-06-13T21:03:18.087Z",
"dateReserved": "2025-02-06T16:31:05.392Z",
"dateUpdated": "2025-11-03T19:44:55.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-24922 (GCVE-0-2025-24922)
Vulnerability from cvelistv5
Published
2025-06-13 20:51
Modified
2025-11-03 19:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - - Stack-based Buffer Overflow
Summary
A stack-based buffer overflow vulnerability exists in the
securebio_identify functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A
specially crafted malicious cv_object can lead to a arbitrary code
execution. An attacker can issue an API call to trigger this
vulnerability.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Broadcom | BCM5820X |
Version: NA |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24922",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-16T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T03:55:12.235Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:44:54.126Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2130"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "BCM5820X",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "NA"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ControlVault3",
"vendor": "Dell",
"versions": [
{
"lessThan": "5.15.10.14",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ControlVault3 Plus",
"vendor": "Dell",
"versions": [
{
"lessThan": "6.2.26.36",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Discovered by Philippe Laulheret of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A stack-based buffer overflow vulnerability exists in the \nsecurebio_identify functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to\u0026nbsp;6.2.26.36. A \nspecially crafted malicious cv_object can lead to a arbitrary code \nexecution. An attacker can issue an API call to trigger this \nvulnerability.\n\n\u003cbr\u003e"
}
],
"value": "A stack-based buffer overflow vulnerability exists in the \nsecurebio_identify functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to\u00a06.2.26.36. A \nspecially crafted malicious cv_object can lead to a arbitrary code \nexecution. An attacker can issue an API call to trigger this \nvulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 - Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-13T21:49:40.277Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000276106/dsa-2025-053"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Dell ControlVault3/ControlVault3 Plus securebio_identify stack-based buffer overflow vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2025-24922",
"datePublished": "2025-06-13T20:51:33.392Z",
"dateReserved": "2025-02-06T16:31:08.480Z",
"dateUpdated": "2025-11-03T19:44:54.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-24311 (GCVE-0-2025-24311)
Vulnerability from cvelistv5
Published
2025-06-13 20:42
Modified
2025-11-03 19:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
An out-of-bounds read vulnerability exists in the cv_send_blockdata
functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted
ControlVault API call can lead to an information leak. An attacker can
issue an API call to trigger this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Broadcom | BCM5820X |
Version: NA |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24311",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-16T15:21:41.977038Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-16T15:21:53.325Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:44:45.759Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2127"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "BCM5820X",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "NA"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ControlVault3",
"vendor": "Dell",
"versions": [
{
"lessThan": "5.15.10.14",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ControlVault3 Plus",
"vendor": "Dell",
"versions": [
{
"lessThan": "6.2.26.36",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Discovered by Philippe Laulheret of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn out-of-bounds read vulnerability exists in the cv_send_blockdata \nfunctionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted \nControlVault API call can lead to an information leak. An attacker can \nissue an API call to trigger this vulnerability.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "An out-of-bounds read vulnerability exists in the cv_send_blockdata \nfunctionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted \nControlVault API call can lead to an information leak. An attacker can \nissue an API call to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-13T20:54:27.404Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000276106/dsa-2025-053"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Dell ControlVault3/ControlVault3 Plus cv_send_blockdata out-of-bounds read vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2025-24311",
"datePublished": "2025-06-13T20:42:18.769Z",
"dateReserved": "2025-02-06T16:31:18.964Z",
"dateUpdated": "2025-11-03T19:44:45.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-1976 (GCVE-0-2025-1976)
Vulnerability from cvelistv5
Published
2025-04-24 02:55
Modified
2025-10-21 22:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Summary
Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1976",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-30T03:56:20.498559Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-04-28",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-1976"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:18.170Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-1976"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-04-28T00:00:00+00:00",
"value": "CVE-2025-1976 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Fabric OS",
"vendor": "Brocade",
"versions": [
{
"status": "affected",
"version": "Fabric OS versions 9.1.0 through 9.1.1d6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6."
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-24T02:55:40.225Z",
"orgId": "87b297d7-335e-4844-9551-11b97995a791",
"shortName": "brocade"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25602"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Code injection exposure in Fabric OS 9.1.0 through 9.1.1d6",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "87b297d7-335e-4844-9551-11b97995a791",
"assignerShortName": "brocade",
"cveId": "CVE-2025-1976",
"datePublished": "2025-04-24T02:55:40.225Z",
"dateReserved": "2025-03-04T23:23:05.671Z",
"dateUpdated": "2025-10-21T22:55:18.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3596 (GCVE-0-2024-3596)
Vulnerability from cvelistv5
Published
2024-07-09 12:02
Modified
2025-11-04 17:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ietf:rfc:2865:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "rfc",
"vendor": "ietf",
"versions": [
{
"status": "affected",
"version": "2865"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-3596",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-11T03:55:37.141738Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T21:05:25.373Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T17:20:52.225Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20240822-0001/"
},
{
"url": "https://today.ucsd.edu/story/computer-scientists-discover-vulnerabilities-in-a-popular-security-protocol"
},
{
"tags": [
"x_transferred"
],
"url": "https://datatracker.ietf.org/doc/html/rfc2865"
},
{
"tags": [
"x_transferred"
],
"url": "https://datatracker.ietf.org/doc/draft-ietf-radext-deprecating-radius/"
},
{
"tags": [
"x_transferred"
],
"url": "https://networkradius.com/assets/pdf/radius_and_md5_collisions.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.blastradius.fail/"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/09/4"
},
{
"tags": [
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0014"
},
{
"url": "https://www.kb.cert.org/vuls/id/456537"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "RFC",
"vendor": "IETF",
"versions": [
{
"status": "affected",
"version": "2865"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks to Sharon Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc Stevens, and Adam Suhl who researched and reported this vulnerability"
}
],
"descriptions": [
{
"lang": "en",
"value": "RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-328: Use of Weak Hash",
"lang": "en"
}
]
},
{
"descriptions": [
{
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en"
}
]
},
{
"descriptions": [
{
"description": "CWE-924 Improper Enforcement of Message Integrity During Transmission in a Communication Channel",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T17:29:16.788Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://datatracker.ietf.org/doc/html/rfc2865"
},
{
"url": "https://datatracker.ietf.org/doc/draft-ietf-radext-deprecating-radius/"
},
{
"url": "https://networkradius.com/assets/pdf/radius_and_md5_collisions.pdf"
},
{
"url": "https://www.blastradius.fail/"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/09/4"
},
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0014"
},
{
"name": "Siemens Security Advisory by Siemens ProductCERT for SIPROTEC, SICAM and related product",
"tags": [
"vendor-advisory"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-794185.html"
},
{
"name": "Siemens Security Advisory by Siemens ProductCERT to SCALANCE, RUGGEDCOM and related products.",
"tags": [
"vendor-advisory"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-723487.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "RADIUS Protocol under RFC2865 is vulnerable to forgery attacks.",
"x_generator": {
"engine": "VINCE 3.0.4",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2024-3596"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2024-3596",
"datePublished": "2024-07-09T12:02:53.001Z",
"dateReserved": "2024-04-10T15:09:45.391Z",
"dateUpdated": "2025-11-04T17:20:52.225Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-38709 (GCVE-0-2023-38709)
Vulnerability from cvelistv5
Published
2024-04-04 19:19
Modified
2025-11-04 21:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- HTTP response splitting
Summary
Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses.
This issue affects Apache HTTP Server: through 2.4.58.
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache HTTP Server |
Version: 0 ≤ 2.4.58 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "http_server",
"vendor": "apache",
"versions": [
{
"lessThanOrEqual": "2.4.58",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-38709",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-05T13:57:02.091077Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-05T19:38:10.128Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:08:23.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240415-0013/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNV4SZAPVS43DZWNFU7XBYYOZEZMI4ZC/"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/04/3"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX5U34KYGDYPRH3AJ6MDDCBJDWDPXNVJ/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214119"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jul/18"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/07/10/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/07/10/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache HTTP Server",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.4.58",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Orange Tsai (@orange_8361) from DEVCORE"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses.\u003cbr\u003e\u003cbr\u003eThis issue affects Apache HTTP Server: through 2.4.58.\u003cbr\u003e"
}
],
"value": "Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses.\n\nThis issue affects Apache HTTP Server: through 2.4.58."
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "HTTP response splitting",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-29T22:06:19.848Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240415-0013/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNV4SZAPVS43DZWNFU7XBYYOZEZMI4ZC/"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/04/04/3"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX5U34KYGDYPRH3AJ6MDDCBJDWDPXNVJ/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html"
},
{
"url": "https://support.apple.com/kb/HT214119"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/18"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2023-06-26T00:00:00.000Z",
"value": "reported"
}
],
"title": "Apache HTTP Server: HTTP response splitting",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2023-38709",
"datePublished": "2024-04-04T19:19:35.467Z",
"dateReserved": "2023-07-24T17:51:18.042Z",
"dateUpdated": "2025-11-04T21:08:23.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-43279 (GCVE-0-2023-43279)
Vulnerability from cvelistv5
Published
2024-03-12 00:00
Modified
2025-11-04 18:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcpreplay 4.4.4 allows attackers to crash the application via crafted tcprewrite command.
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:17:21.302Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/appneta/tcpreplay/issues/824"
},
{
"name": "FEDORA-2024-96903c39cb",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3GYCHPVJ2VFN3D7FI4IRMDVMILLWBRF/"
},
{
"name": "FEDORA-2024-ec1fba69c2",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMW5CIODKRHUUH7NTAYIRWGSJ56DTGXM/"
},
{
"name": "FEDORA-2024-b3b2a95168",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EHUILQV2YJI5TXXXJA5FQ2HJQGFT7NTN/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMW5CIODKRHUUH7NTAYIRWGSJ56DTGXM/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V3GYCHPVJ2VFN3D7FI4IRMDVMILLWBRF/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-43279",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-22T18:51:45.001627Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T20:50:39.495Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcpreplay 4.4.4 allows attackers to crash the application via crafted tcprewrite command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-24T02:06:15.522Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/appneta/tcpreplay/issues/824"
},
{
"name": "FEDORA-2024-96903c39cb",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3GYCHPVJ2VFN3D7FI4IRMDVMILLWBRF/"
},
{
"name": "FEDORA-2024-ec1fba69c2",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMW5CIODKRHUUH7NTAYIRWGSJ56DTGXM/"
},
{
"name": "FEDORA-2024-b3b2a95168",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EHUILQV2YJI5TXXXJA5FQ2HJQGFT7NTN/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-43279",
"datePublished": "2024-03-12T00:00:00.000Z",
"dateReserved": "2023-09-18T00:00:00.000Z",
"dateUpdated": "2025-11-04T18:17:21.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4324 (GCVE-0-2023-4324)
Vulnerability from cvelistv5
Published
2023-08-15 18:25
Modified
2025-11-04 16:10
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Broadcom | LSI Storage Authority (LSA) |
Version: 0 < 7.017.011.000 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:17.767Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.broadcom.com/support/resources/product-security-center"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:broadcom:lsi_storage_authority:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lsi_storage_authority",
"vendor": "broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:raid_web_console_3:-:*:*:*:*:windows:*:*"
],
"defaultStatus": "unknown",
"product": "raid_web_console_3",
"vendor": "intel",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4324",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T17:54:08.973670Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T17:57:24.262Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "LSI Storage Authority (LSA)",
"vendor": "Broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAID Web Console 3 (RWC3)",
"vendor": "Intel",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Intel DCG"
}
],
"descriptions": [
{
"lang": "en",
"value": "Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers"
}
],
"providerMetadata": {
"dateUpdated": "2023-09-16T02:04:23.250Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.broadcom.com/support/resources/product-security-center"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers",
"x_generator": {
"engine": "cveClient/1.0.14"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2023-4324",
"datePublished": "2023-08-15T18:25:38.873Z",
"dateReserved": "2023-08-14T21:06:24.381Z",
"dateUpdated": "2025-11-04T16:10:17.767Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4325 (GCVE-0-2023-4325)
Vulnerability from cvelistv5
Published
2023-08-15 18:25
Modified
2025-11-04 16:10
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Broadcom | LSI Storage Authority (LSA) |
Version: 0 < 7.017.011.000 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:18.806Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.broadcom.com/support/resources/product-security-center"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:broadcom:lsi_storage_authority:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lsi_storage_authority",
"vendor": "broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:raid_web_console_3:-:*:*:*:*:windows:*:*"
],
"defaultStatus": "unknown",
"product": "raid_web_console_3",
"vendor": "intel",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4325",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T17:58:07.119861Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T18:00:04.293Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "LSI Storage Authority (LSA)",
"vendor": "Broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAID Web Console 3 (RWC3)",
"vendor": "Intel",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Intel DCG"
}
],
"descriptions": [
{
"lang": "en",
"value": "Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities"
}
],
"providerMetadata": {
"dateUpdated": "2023-09-16T02:04:23.421Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.broadcom.com/support/resources/product-security-center"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities",
"x_generator": {
"engine": "cveClient/1.0.14"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2023-4325",
"datePublished": "2023-08-15T18:25:38.706Z",
"dateReserved": "2023-08-14T21:10:36.380Z",
"dateUpdated": "2025-11-04T16:10:18.806Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4326 (GCVE-0-2023-4326)
Vulnerability from cvelistv5
Published
2023-08-15 18:25
Modified
2025-11-04 16:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Summary
Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Broadcom | LSI Storage Authority (LSA) |
Version: 0 < 7.017.011.000 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:19.802Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.broadcom.com/support/resources/product-security-center"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:broadcom:lsi_storage_authority:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lsi_storage_authority",
"vendor": "broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "affected",
"version": "0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4326",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T18:01:37.725882Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T18:03:09.590Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "LSI Storage Authority (LSA)",
"vendor": "Broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAID Web Console 3 (RWC3)",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Intel DCG"
}
],
"descriptions": [
{
"lang": "en",
"value": "Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T21:54:56.874Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.broadcom.com/support/resources/product-security-center"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites",
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2023-4326",
"datePublished": "2023-08-15T18:25:38.586Z",
"dateReserved": "2023-08-14T21:19:37.314Z",
"dateUpdated": "2025-11-04T16:10:19.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4327 (GCVE-0-2023-4327)
Vulnerability from cvelistv5
Published
2023-08-15 18:25
Modified
2025-11-04 16:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-522 - Insufficiently Protected Credentials
Summary
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | LSI Storage Authority (LSA) |
Version: 0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:20.804Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.broadcom.com/support/resources/product-security-center"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4327",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T18:04:49.686025Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T18:05:12.166Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "LSI Storage Authority (LSA)",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Intel DCG"
}
],
"descriptions": [
{
"lang": "en",
"value": "Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T14:41:33.093Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.broadcom.com/support/resources/product-security-center"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux",
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2023-4327",
"datePublished": "2023-08-15T18:25:38.370Z",
"dateReserved": "2023-08-14T21:22:21.442Z",
"dateUpdated": "2025-11-04T16:10:20.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4328 (GCVE-0-2023-4328)
Vulnerability from cvelistv5
Published
2023-08-15 18:25
Modified
2025-11-04 16:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-522 - Insufficiently Protected Credentials
Summary
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Windows
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | LSI Storage Authority (LSA) |
Version: 0 < 7.017.011.000 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:21.816Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.broadcom.com/support/resources/product-security-center"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4328",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T18:19:08.708967Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T18:19:19.727Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "LSI Storage Authority (LSA)",
"vendor": "Broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Intel DCG"
}
],
"descriptions": [
{
"lang": "en",
"value": "Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Windows"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T14:42:15.841Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.broadcom.com/support/resources/product-security-center"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux",
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2023-4328",
"datePublished": "2023-08-15T18:25:38.246Z",
"dateReserved": "2023-08-14T21:25:58.130Z",
"dateUpdated": "2025-11-04T16:10:21.816Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4329 (GCVE-0-2023-4329)
Vulnerability from cvelistv5
Published
2023-08-15 18:25
Modified
2025-11-04 16:10
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Broadcom | LSI Storage Authority (LSA) |
Version: 0 < 7.017.011.000 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:22.787Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.broadcom.com/support/resources/product-security-center"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:broadcom:lsi_storage_authority:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lsi_storage_authority",
"vendor": "broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:raid_web_console_3:-:*:*:*:*:windows:*:*"
],
"defaultStatus": "unknown",
"product": "raid_web_console_3",
"vendor": "intel",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4329",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T18:19:53.153951Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T18:22:13.644Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "LSI Storage Authority (LSA)",
"vendor": "Broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAID Web Console 3 (RWC3)",
"vendor": "Intel",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Intel DCG"
}
],
"descriptions": [
{
"lang": "en",
"value": "Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute"
}
],
"providerMetadata": {
"dateUpdated": "2023-09-16T02:04:24.200Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.broadcom.com/support/resources/product-security-center"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute",
"x_generator": {
"engine": "cveClient/1.0.14"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2023-4329",
"datePublished": "2023-08-15T18:25:38.060Z",
"dateReserved": "2023-08-14T21:25:58.373Z",
"dateUpdated": "2025-11-04T16:10:22.787Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4331 (GCVE-0-2023-4331)
Vulnerability from cvelistv5
Published
2023-08-15 18:25
Modified
2025-11-04 16:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Summary
Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocols
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Broadcom | LSI Storage Authority (LSA) |
Version: 0 < 7.017.011.000 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:23.816Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.broadcom.com/support/resources/product-security-center"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:broadcom:lsi_storage_authority:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lsi_storage_authority",
"vendor": "broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:raid_web_console_3:-:*:*:*:*:windows:*:*"
],
"defaultStatus": "unknown",
"product": "raid_web_console_3",
"vendor": "intel",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4331",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T18:23:15.858042Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T18:25:44.197Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "LSI Storage Authority (LSA)",
"vendor": "Broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAID Web Console 3 (RWC3)",
"vendor": "Intel",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Intel DCG"
}
],
"descriptions": [
{
"lang": "en",
"value": "Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocols"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T21:55:43.479Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.broadcom.com/support/resources/product-security-center"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocols",
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2023-4331",
"datePublished": "2023-08-15T18:25:37.408Z",
"dateReserved": "2023-08-14T21:25:58.466Z",
"dateUpdated": "2025-11-04T16:10:23.816Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4332 (GCVE-0-2023-4332)
Vulnerability from cvelistv5
Published
2023-08-15 18:25
Modified
2025-11-04 16:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-732 - Incorrect Permission Assignment for Critical Resource
Summary
Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Broadcom | LSI Storage Authority (LSA) |
Version: 0 < 7.017.011.000 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:24.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.broadcom.com/support/resources/product-security-center"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:broadcom:lsi_storage_authority:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lsi_storage_authority",
"vendor": "broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:raid_web_console_3:-:*:*:*:*:windows:*:*"
],
"defaultStatus": "unknown",
"product": "raid_web_console_3",
"vendor": "intel",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4332",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T18:27:15.721447Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T18:29:50.058Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "LSI Storage Authority (LSA)",
"vendor": "Broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAID Web Console 3 (RWC3)",
"vendor": "Intel",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Intel DCG"
}
],
"descriptions": [
{
"lang": "en",
"value": "Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T21:56:55.253Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.broadcom.com/support/resources/product-security-center"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file",
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2023-4332",
"datePublished": "2023-08-15T18:25:37.323Z",
"dateReserved": "2023-08-14T21:25:58.608Z",
"dateUpdated": "2025-11-04T16:10:24.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4333 (GCVE-0-2023-4333)
Vulnerability from cvelistv5
Published
2023-08-15 18:25
Modified
2025-11-04 16:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-326 - Inadequate Encryption Strength
Summary
Broadcom RAID Controller web interface doesn’t enforce SSL cipher ordering by server
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | LSI Storage Authority (LSA) |
Version: 0 < 7.017.011.000 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:26.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.broadcom.com/support/resources/product-security-center"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4333",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T19:34:27.460689Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T19:34:36.730Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "LSI Storage Authority (LSA)",
"vendor": "Broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Intel DCG"
}
],
"descriptions": [
{
"lang": "en",
"value": "Broadcom RAID Controller web interface doesn\u2019t enforce SSL cipher ordering by server"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-326",
"description": "CWE-326 Inadequate Encryption Strength",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T14:43:56.277Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.broadcom.com/support/resources/product-security-center"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Broadcom RAID Controller web interface doesn\u2019t enforce SSL cipher ordering by server",
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2023-4333",
"datePublished": "2023-08-15T18:25:37.222Z",
"dateReserved": "2023-08-14T21:25:58.657Z",
"dateUpdated": "2025-11-04T16:10:26.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4334 (GCVE-0-2023-4334)
Vulnerability from cvelistv5
Published
2023-08-15 18:25
Modified
2025-11-04 16:10
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Broadcom RAID Controller Web server (nginx) is serving private files without any authentication
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Broadcom | LSI Storage Authority (LSA) |
Version: 0 < 7.017.011.000 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:27.191Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.broadcom.com/support/resources/product-security-center"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4334",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T19:35:07.326506Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T19:35:21.552Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "LSI Storage Authority (LSA)",
"vendor": "Broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAID Web Console 3 (RWC3)",
"vendor": "Intel",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Intel DCG"
}
],
"descriptions": [
{
"lang": "en",
"value": "Broadcom RAID Controller Web server (nginx) is serving private files without any authentication"
}
],
"providerMetadata": {
"dateUpdated": "2023-09-16T02:04:24.923Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.broadcom.com/support/resources/product-security-center"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Broadcom RAID Controller Web server (nginx) is serving private files without any authentication",
"x_generator": {
"engine": "cveClient/1.0.14"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2023-4334",
"datePublished": "2023-08-15T18:25:37.123Z",
"dateReserved": "2023-08-14T21:25:58.724Z",
"dateUpdated": "2025-11-04T16:10:27.191Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4336 (GCVE-0-2023-4336)
Vulnerability from cvelistv5
Published
2023-08-15 18:25
Modified
2025-11-04 16:10
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Broadcom | LSI Storage Authority (LSA) |
Version: 0 < 7.017.011.000 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:28.367Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.broadcom.com/support/resources/product-security-center"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4336",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T19:37:55.233368Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T19:38:10.743Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "LSI Storage Authority (LSA)",
"vendor": "Broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAID Web Console 3 (RWC3)",
"vendor": "Intel",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Intel DCG"
}
],
"descriptions": [
{
"lang": "en",
"value": "Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute"
}
],
"providerMetadata": {
"dateUpdated": "2023-09-16T02:04:25.290Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.broadcom.com/support/resources/product-security-center"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute",
"x_generator": {
"engine": "cveClient/1.0.14"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2023-4336",
"datePublished": "2023-08-15T18:25:36.778Z",
"dateReserved": "2023-08-14T21:27:55.157Z",
"dateUpdated": "2025-11-04T16:10:28.367Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4337 (GCVE-0-2023-4337)
Vulnerability from cvelistv5
Published
2023-08-15 18:25
Modified
2025-11-04 16:10
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Broadcom | LSI Storage Authority (LSA) |
Version: 0 < 7.017.011.000 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:29.412Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.broadcom.com/support/resources/product-security-center"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4337",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T19:39:11.305505Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T19:39:39.529Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "LSI Storage Authority (LSA)",
"vendor": "Broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAID Web Console 3 (RWC3)",
"vendor": "Intel",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Intel DCG"
}
],
"descriptions": [
{
"lang": "en",
"value": "Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation"
}
],
"providerMetadata": {
"dateUpdated": "2023-09-16T02:04:25.451Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.broadcom.com/support/resources/product-security-center"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation",
"x_generator": {
"engine": "cveClient/1.0.14"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2023-4337",
"datePublished": "2023-08-15T18:25:36.690Z",
"dateReserved": "2023-08-14T21:27:55.221Z",
"dateUpdated": "2025-11-04T16:10:29.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4338 (GCVE-0-2023-4338)
Vulnerability from cvelistv5
Published
2023-08-15 18:25
Modified
2025-11-04 16:10
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Broadcom | LSI Storage Authority (LSA) |
Version: 0 < 7.017.011.000 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:30.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.broadcom.com/support/resources/product-security-center"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4338",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T19:40:13.790581Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T19:40:23.085Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "LSI Storage Authority (LSA)",
"vendor": "Broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAID Web Console 3 (RWC3)",
"vendor": "Intel",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Intel DCG"
}
],
"descriptions": [
{
"lang": "en",
"value": "Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers"
}
],
"providerMetadata": {
"dateUpdated": "2023-09-16T02:04:25.625Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.broadcom.com/support/resources/product-security-center"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers",
"x_generator": {
"engine": "cveClient/1.0.14"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2023-4338",
"datePublished": "2023-08-15T18:25:36.445Z",
"dateReserved": "2023-08-14T21:27:55.350Z",
"dateUpdated": "2025-11-04T16:10:30.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4339 (GCVE-0-2023-4339)
Vulnerability from cvelistv5
Published
2023-08-15 18:25
Modified
2025-11-04 16:10
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Broadcom | LSI Storage Authority (LSA) |
Version: 0 < 7.017.011.000 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:31.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.broadcom.com/support/resources/product-security-center"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4339",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T19:41:47.878961Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T19:41:58.772Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "LSI Storage Authority (LSA)",
"vendor": "Broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAID Web Console 3 (RWC3)",
"vendor": "Intel",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Intel DCG"
}
],
"descriptions": [
{
"lang": "en",
"value": "Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions"
}
],
"providerMetadata": {
"dateUpdated": "2023-09-16T02:04:25.818Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.broadcom.com/support/resources/product-security-center"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions",
"x_generator": {
"engine": "cveClient/1.0.14"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2023-4339",
"datePublished": "2023-08-15T18:25:35.162Z",
"dateReserved": "2023-08-14T21:27:55.417Z",
"dateUpdated": "2025-11-04T16:10:31.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4340 (GCVE-0-2023-4340)
Vulnerability from cvelistv5
Published
2023-08-15 18:25
Modified
2025-11-04 16:10
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Broadcom | LSI Storage Authority (LSA) |
Version: 0 < 7.017.011.000 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:32.353Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.broadcom.com/support/resources/product-security-center"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4340",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T19:42:32.043734Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T19:43:09.978Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "LSI Storage Authority (LSA)",
"vendor": "Broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAID Web Console 3 (RWC3)",
"vendor": "Intel",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Intel DCG"
}
],
"descriptions": [
{
"lang": "en",
"value": "Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file"
}
],
"providerMetadata": {
"dateUpdated": "2023-09-16T02:04:26.025Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.broadcom.com/support/resources/product-security-center"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file",
"x_generator": {
"engine": "cveClient/1.0.14"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2023-4340",
"datePublished": "2023-08-15T18:25:35.073Z",
"dateReserved": "2023-08-14T21:27:55.493Z",
"dateUpdated": "2025-11-04T16:10:32.353Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4341 (GCVE-0-2023-4341)
Vulnerability from cvelistv5
Published
2023-08-15 18:25
Modified
2025-11-04 16:10
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Broadcom | LSI Storage Authority (LSA) |
Version: 0 < 7.017.011.000 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:33.306Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.broadcom.com/support/resources/product-security-center"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4341",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T19:43:37.493202Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T19:43:58.895Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "LSI Storage Authority (LSA)",
"vendor": "Broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAID Web Console 3 (RWC3)",
"vendor": "Intel",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Intel DCG"
}
],
"descriptions": [
{
"lang": "en",
"value": "Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI"
}
],
"providerMetadata": {
"dateUpdated": "2023-09-16T02:04:26.182Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.broadcom.com/support/resources/product-security-center"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI",
"x_generator": {
"engine": "cveClient/1.0.14"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2023-4341",
"datePublished": "2023-08-15T18:25:34.542Z",
"dateReserved": "2023-08-14T21:27:55.642Z",
"dateUpdated": "2025-11-04T16:10:33.306Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4342 (GCVE-0-2023-4342)
Vulnerability from cvelistv5
Published
2023-08-15 18:25
Modified
2025-11-04 16:10
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Broadcom | LSI Storage Authority (LSA) |
Version: 0 < 7.017.011.000 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:34.249Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.broadcom.com/support/resources/product-security-center"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4342",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T20:02:18.354310Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T20:02:31.717Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "LSI Storage Authority (LSA)",
"vendor": "Broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAID Web Console 3 (RWC3)",
"vendor": "Intel",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Intel DCG"
}
],
"descriptions": [
{
"lang": "en",
"value": "Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy"
}
],
"providerMetadata": {
"dateUpdated": "2023-09-16T02:04:26.404Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.broadcom.com/support/resources/product-security-center"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy",
"x_generator": {
"engine": "cveClient/1.0.14"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2023-4342",
"datePublished": "2023-08-15T18:25:34.363Z",
"dateReserved": "2023-08-14T21:29:11.769Z",
"dateUpdated": "2025-11-04T16:10:34.249Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4343 (GCVE-0-2023-4343)
Vulnerability from cvelistv5
Published
2023-08-15 18:25
Modified
2025-11-04 16:10
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Broadcom | LSI Storage Authority (LSA) |
Version: 0 < 7.017.011.000 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:35.278Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.broadcom.com/support/resources/product-security-center"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4343",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T20:03:40.979136Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T20:03:56.153Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "LSI Storage Authority (LSA)",
"vendor": "Broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAID Web Console 3 (RWC3)",
"vendor": "Intel",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Intel DCG"
}
],
"descriptions": [
{
"lang": "en",
"value": "Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter"
}
],
"providerMetadata": {
"dateUpdated": "2023-09-16T02:04:26.622Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.broadcom.com/support/resources/product-security-center"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter",
"x_generator": {
"engine": "cveClient/1.0.14"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2023-4343",
"datePublished": "2023-08-15T18:25:34.170Z",
"dateReserved": "2023-08-14T21:29:37.816Z",
"dateUpdated": "2025-11-04T16:10:35.278Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4344 (GCVE-0-2023-4344)
Vulnerability from cvelistv5
Published
2023-08-15 18:25
Modified
2025-11-04 16:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-331 - Insufficient Entropy
Summary
Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Broadcom | LSI Storage Authority (LSA) |
Version: 0 < 7.017.011.000 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:36.254Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.broadcom.com/support/resources/product-security-center"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-4344",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T19:24:49.458889Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T19:26:09.035Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "LSI Storage Authority (LSA)",
"vendor": "Broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAID Web Console 3 (RWC3)",
"vendor": "Intel",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Intel DCG"
}
],
"descriptions": [
{
"lang": "en",
"value": "Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-331",
"description": "CWE-331: Insufficient Entropy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T21:58:03.947Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.broadcom.com/support/resources/product-security-center"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection",
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2023-4344",
"datePublished": "2023-08-15T18:25:34.072Z",
"dateReserved": "2023-08-14T21:29:52.908Z",
"dateUpdated": "2025-11-04T16:10:36.254Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4323 (GCVE-0-2023-4323)
Vulnerability from cvelistv5
Published
2023-08-15 18:21
Modified
2025-11-04 16:10
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Broadcom | LSI Storage Authority (LSA) |
Version: 0 < 7.017.011.000 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:16.803Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.broadcom.com/support/resources/product-security-center"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4323",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T20:05:02.040092Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T20:05:12.818Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "LSI Storage Authority (LSA)",
"vendor": "Broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAID Web Console 3 (RWC3)",
"vendor": "Intel",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Intel DCG"
}
],
"descriptions": [
{
"lang": "en",
"value": "Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup"
}
],
"providerMetadata": {
"dateUpdated": "2023-09-16T02:04:23.092Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.broadcom.com/support/resources/product-security-center"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup",
"x_generator": {
"engine": "cveClient/1.0.14"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2023-4323",
"datePublished": "2023-08-15T18:21:36.882Z",
"dateReserved": "2023-08-14T21:02:26.963Z",
"dateUpdated": "2025-11-04T16:10:16.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4345 (GCVE-0-2023-4345)
Vulnerability from cvelistv5
Published
2023-08-15 17:46
Modified
2025-11-04 16:10
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Broadcom | LSI Storage Authority (LSA) |
Version: 0 < 7.017.011.000 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:37.202Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.broadcom.com/support/resources/product-security-center"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4345",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T20:16:56.558213Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T20:17:59.774Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "LSI Storage Authority (LSA)",
"vendor": "Broadcom",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAID Web Console 3 (RWC3)",
"vendor": "Intel",
"versions": [
{
"lessThan": "7.017.011.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Intel DCG"
}
],
"descriptions": [
{
"lang": "en",
"value": "Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user"
}
],
"providerMetadata": {
"dateUpdated": "2023-09-16T02:04:27.021Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.broadcom.com/support/resources/product-security-center"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"value": "This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Broadcom RAID Controller web interface is vulnerable client-side control bypass",
"x_generator": {
"engine": "cveClient/1.0.14"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2023-4345",
"datePublished": "2023-08-15T17:46:38.983Z",
"dateReserved": "2023-08-14T21:30:09.111Z",
"dateUpdated": "2025-11-04T16:10:37.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}