CVE-2023-4336

Summary

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute

Affected Software

VendorProductVersion RangeStatus
BroadcomLSI Storage Authority (LSA)0 < 7.017.011.000affected
IntelRAID Web Console 3 (RWC3)0 < 7.017.011.000affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References