CVE-2023-4336: Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute

critical9.8CVSS 3.1

AVNACLPRNUINSUCHIHAH

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute

Affected

3 ranges

Vendor	Product	Version range	Fixed in
broadcom	lsi_storage_authority	< 7.017.011.000	7.017.011.000
broadcom	raid_controller_web_interface	—	—
intel	raid_web_console_3	< 7.017.011.000	7.017.011.000