Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file
CVE-2023-4332
7.5HIGH
Key Information:
- Vendor
Broadcom
- Vendor
- CVE Published:
- 15 August 2023
What is CVE-2023-4332?
The Broadcom RAID Controller web interface is susceptible to vulnerabilities stemming from improper permissions set on log files. This misconfiguration can potentially allow unauthorized users to access sensitive log data, which could lead to further exploitation or data leakage. Organizations using affected RAID Controllers must review their permissions settings to safeguard against unauthorized access.
Affected Version(s)
LSI Storage Authority (LSA) 0
RAID Web Console 3 (RWC3) 0 < 7.017.011.000