CVE-2023-4329
published 2023-08-15CVE-2023-4329: Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| broadcom | lsi_storage_authority | < 7.017.011.000 | 7.017.011.000 |
| broadcom | raid_controller_web_interface | — | — |
| intel | raid_web_console_3 | < 7.017.011.000 | 7.017.011.000 |