CVE-2023-4344
15.08.2023, 19:15
Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connectionEnginsight
| Vendor | Product | Version |
|---|---|---|
| broadcom | raid_controller_web_interface | 51.12.0-2779 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-331 - Insufficient EntropyThe software uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.
- CWE-330 - Use of Insufficiently Random ValuesThe software uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.