CVE-2023-4327

Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
certccCNA
---
---
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 3%
VendorProductVersion
broadcomraid_controller_web_interface
51.12.0-2779
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.broadcom.com/support/resources/product-security-center
https://www.broadcom.com/support/resources/product-security-center