CVE-2023-4338
published 2023-08-15CVE-2023-4338: Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| broadcom | lsi_storage_authority | < 7.017.011.000 | 7.017.011.000 |
| broadcom | raid_controller_web_interface | — | — |
| intel | raid_web_console_3 | < 7.017.011.000 | 7.017.011.000 |