CVE-2023-4324
published 2023-08-15CVE-2023-4324: Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| broadcom | lsi_storage_authority | < 7.017.011.000 | 7.017.011.000 |
| broadcom | raid_controller_web_interface | — | — |
| intel | raid_web_console_3 | < 7.017.011.000 | 7.017.011.000 |