Shodan
Vulnerabilities
Vulnerable Software
Broadcom:  Security Vulnerabilities
CVE-2023-31423
Possible information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Brocade SANnav before v2.3.0 and 2.2.2a. Notes: To access the logs, the local attacker must have access to an already collected Brocade SANnav "supportsave" outputs.
CVSS Score
5.7
EPSS Score
0.001
Published
2023-08-31
CVE-2023-3489
The firmwaredownload command on Brocade Fabric OS v9.2.0 could log the FTP/SFTP/SCP server password in clear text in the SupportSave file when performing a downgrade from Fabric OS v9.2.0 to any earlier version of Fabric OS.
CVSS Score
8.6
EPSS Score
0.001
Published
2023-08-31
CVE-2023-4327
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-15
CVE-2023-4328
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Windows
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-15
CVE-2023-4329
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute
CVSS Score
9.8
EPSS Score
0.001
Published
2023-08-15
CVE-2023-4331
Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocols
CVSS Score
7.5
EPSS Score
0.0
Published
2023-08-15
CVE-2023-4332
Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file
CVSS Score
7.5
EPSS Score
0.0
Published
2023-08-15
CVE-2023-4333
Broadcom RAID Controller web interface doesn’t enforce SSL cipher ordering by server
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-15
CVE-2023-4334
Broadcom RAID Controller Web server (nginx) is serving private files without any authentication
CVSS Score
7.5
EPSS Score
0.001
Published
2023-08-15
CVE-2023-4335
Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux
CVSS Score
7.5
EPSS Score
0.001
Published
2023-08-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved