Search Results | AttackerKB

Show filters

Topics 561 Users 9,712

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

561 Total Results

Displaying 81-90 of 561

Attacker Value

Unknown

CVE-2023-4340

Disclosure Date: August 15, 2023 (last updated October 08, 2023)

Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2023-4339

Disclosure Date: August 15, 2023 (last updated October 08, 2023)

Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2023-4338

Disclosure Date: August 15, 2023 (last updated October 08, 2023)

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2023-4337

Disclosure Date: August 15, 2023 (last updated October 08, 2023)

Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2023-4336

Disclosure Date: August 15, 2023 (last updated October 08, 2023)

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2023-4335

Disclosure Date: August 15, 2023 (last updated October 08, 2023)

Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2023-4334

Disclosure Date: August 15, 2023 (last updated October 08, 2023)

Broadcom RAID Controller Web server (nginx) is serving private files without any authentication

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2023-4333

Disclosure Date: August 15, 2023 (last updated September 24, 2024)

Broadcom RAID Controller web interface doesn’t enforce SSL cipher ordering by server

Attack Vector: Local Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2023-4332

Disclosure Date: August 15, 2023 (last updated October 08, 2023)

Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2023-4331

Disclosure Date: August 15, 2023 (last updated October 08, 2023)

Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocols

Attack Vector: Network Privileges: None User Interaction: None

0