Broadcom: >> Raid Controller Web Interface >> 51.12.0-2779 Security Vulnerabilities
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-15
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Windows
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-15
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute
CVSS Score
9.8
EPSS Score
0.001
Published
2023-08-15
Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocols
CVSS Score
7.5
EPSS Score
0.0
Published
2023-08-15
Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file
CVSS Score
7.5
EPSS Score
0.0
Published
2023-08-15
Broadcom RAID Controller web interface doesn’t enforce SSL cipher ordering by server
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-15
Broadcom RAID Controller Web server (nginx) is serving private files without any authentication
CVSS Score
7.5
EPSS Score
0.001
Published
2023-08-15
Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux
CVSS Score
7.5
EPSS Score
0.001
Published
2023-08-15
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute
CVSS Score
9.8
EPSS Score
0.001
Published
2023-08-15
Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation
CVSS Score
9.8
EPSS Score
0.001
Published
2023-08-15
Page 1