Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup
CVE-2023-4323
9.8CRITICAL
Key Information:
- Vendor
Broadcom
- Vendor
- CVE Published:
- 15 August 2023
What is CVE-2023-4323?
The Broadcom RAID Controller web interface is susceptible to vulnerabilities arising from improper management of active sessions during Gateway setup. This oversight can allow unauthorized access to sensitive data and functionalities, potentially compromising the security of the system. Organizations using affected versions should evaluate their configurations and consider immediate measures to mitigate risks associated with this vulnerability, thereby safeguarding their data integrity and system operations.
Affected Version(s)
LSI Storage Authority (LSA) 0
RAID Web Console 3 (RWC3) 0 < 7.017.011.000