CVE-2023-4327

EUVD-2023-54192
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
Affected Products (NVD)
VendorProductVersion
broadcomraid_controller_web_interface
51.12.0-2779
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.broadcom.com/support/resources/product-security-center
https://www.broadcom.com/support/resources/product-security-center
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html