CVE-2023-4329

Summary

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute

Affected Software

VendorProductVersion RangeStatus
BroadcomLSI Storage Authority (LSA)0 < 7.017.011.000affected
IntelRAID Web Console 3 (RWC3)0 < 7.017.011.000affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References