Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux
References
Link | Resource |
---|---|
https://www.broadcom.com/support/resources/product-security-center | Product |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Aug 2023, 18:45
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.broadcom.com/support/resources/product-security-centerĀ - Product | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CWE | CWE-306 | |
First Time |
Broadcom raid Controller Web Interface
Linux Broadcom Linux linux Kernel |
|
CPE | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:a:broadcom:raid_controller_web_interface:51.12.0-2779:*:*:*:*:*:*:* |
15 Aug 2023, 20:01
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-15 19:15
Updated : 2023-12-10 15:14
NVD link : CVE-2023-4335
Mitre link : CVE-2023-4335
CVE.ORG link : CVE-2023-4335
JSON object : View
Products Affected
linux
- linux_kernel
broadcom
- raid_controller_web_interface
CWE
CWE-306
Missing Authentication for Critical Function