First published: Tue Aug 15 2023(Updated: )
Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers
Credit: cret@cert.org cret@cert.org
Affected Software | Affected Version | How to fix |
---|---|---|
Broadcom RAID Controller web interface | =51.12.0-2779 | |
=51.12.0-2779 |
This issue is fixed in 7.017.011.000. For more information please contact your Broadcom representative.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-4324 is a vulnerability found in the Broadcom RAID Controller web interface due to insecure defaults of lacking HTTP Content-Security-Policy headers.
CVE-2023-4324 has a severity score of 9.8 out of 10, indicating a critical vulnerability.
CVE-2023-4324 exposes the Broadcom RAID Controller web interface to potential attacks due to the absence of HTTP Content-Security-Policy headers.
To fix CVE-2023-4324, it is recommended to update the Broadcom RAID Controller web interface to a version that includes HTTP Content-Security-Policy headers.
For more information about CVE-2023-4324, you can visit the Broadcom Product Security Center at https://www.broadcom.com/support/resources/product-security-center.