CVE-2023-4327

Summary

Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux

Affected Software

VendorProductVersion RangeStatus
BroadcomLSI Storage Authority (LSA)0affected

Weaknesses

  • CWE-522: CWE-522 Insufficiently Protected Credentials

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References