Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter
CVE-2023-4343
7.5HIGH
Key Information:
- Vendor
Broadcom
- Vendor
- CVE Published:
- 15 August 2023
What is CVE-2023-4343?
The Broadcom RAID Controller web interface is vulnerable due to sensitive password data being compromised through exposure in URL search parameters. This security flaw can allow unauthorized users to intercept critical access credentials, making it essential for organizations using this product to review their security configurations and take steps to mitigate potential risks.
Affected Version(s)
LSI Storage Authority (LSA) 0
RAID Web Console 3 (RWC3) 0 < 7.017.011.000