CVE-2023-4337

Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation

Source: CVE-2023-4337

CVE-2023-4342

Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy

Source: CVE-2023-4342

CVE-2023-4339

Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions

Source: CVE-2023-4339

CVE-2023-4343

Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter

Source: CVE-2023-4343

CVE-2023-4332

Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file

Source: CVE-2023-4332

CVE-2023-4341

Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI

Source: CVE-2023-4341

CVE-2023-4326

Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites

Source: CVE-2023-4326

CVE-2023-38863

An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the ifname and mac parameters in the sub_410074 function at bin/webmgnt.

Source: CVE-2023-38863

CVE-2023-38401

A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITYSYSTEM privileges on the operating system.

Source: CVE-2023-38401

CVE-2023-38862

An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the destination parameter of sub_431F64 function in bin/webmgnt.

Source: CVE-2023-38862