Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file
CVE-2023-4340
9.8CRITICAL
Key Information:
- Vendor
Broadcom
- Vendor
- CVE Published:
- 15 August 2023
What is CVE-2023-4340?
A security vulnerability exists in Broadcom RAID Controller that allows attackers to escalate privileges by exploiting session information logged in the system’s logs. This flaw may enable unauthorized users to gain elevated access rights, potentially compromising system integrity and availability. Proper security measures and updates are necessary to protect vulnerable installations.
Affected Version(s)
LSI Storage Authority (LSA) 0
RAID Web Console 3 (RWC3) 0 < 7.017.011.000