Broadcom RAID Controller web interface doesn’t enforce SSL cipher ordering by server
CVE-2023-4333

5.5MEDIUM

Key Information:

Vendor: Broadcom
Status: Lsi Storage Authority (lsa)
Vendor: CVE Published:; 15 August 2023

Summary

Broadcom RAID Controller web interface doesn’t enforce SSL cipher ordering by server

Affected Version(s)

LSI Storage Authority (LSA) 0

References

https://www.broadcom.com/support/resources/product-securi...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 15, 2023
Vulnerability Reserved
Aug 14, 2023

Credit

Intel DCG

.