CVE-2023-4324
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2023-4324 is a newly discovered vulnerability affecting Broadcom RAID Controller web interfaces. The issue stems from the absence of adequate HTTP Content-Security-Policy (CSP) headers, leaving these interfaces susceptible to various forms of code injection and cross-site scripting attacks. Since CSP headers are crucial for mitigating such risks by controlling the execution of scripts, this vulnerability can pose a significant threat to networks if left unaddressed. Organizations utilizing Broadcom RAID Controllers are recommended to apply the latest patches or update their CSP headers immediately to protect their systems from potential exploitation.
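A defender can verify whether a management interface actually sends an enforced CSP by auditing its response headers. The following is an added example, not code from Broadcom or from this advisory; the function names, the sample headers, and the rules for what counts as an "adequate" policy are assumptions made for illustration.

```python
# Added example. The adequacy rules below are this example's assumptions.
WEAK_SCRIPT_SOURCES = {"'unsafe-inline'", "'unsafe-eval'", "*", "data:"}


def parse_csp(value):
    """Parse a CSP header value into {directive: [source, ...]}."""
    policy = {}
    for part in value.split(";"):
        tokens = part.split()
        if tokens:
            # When a directive is repeated, browsers keep the first one.
            policy.setdefault(tokens[0].lower(), tokens[1:])
    return policy


def audit_csp(headers):
    """Return findings for one response's headers (a dict); [] means none."""
    h = {k.lower(): v for k, v in headers.items()}
    if "content-security-policy" not in h:
        if "content-security-policy-report-only" in h:
            return ["only a report-only policy is sent; nothing is enforced"]
        return ["no Content-Security-Policy header"]
    policy = parse_csp(h["content-security-policy"])
    findings = []
    # script-src falls back to default-src when it is absent.
    script = policy.get("script-src", policy.get("default-src"))
    if script is None:
        findings.append("no script-src or default-src: scripts are unrestricted")
    else:
        for src in script:
            if src.lower() in WEAK_SCRIPT_SOURCES:
                findings.append(f"script source {src} weakens the policy")
    return findings


# Constructed sample responses (not captured from any real device).
SAMPLES = {
    "missing": {"Server": "example", "Content-Type": "text/html"},
    "report_only": {"Content-Security-Policy-Report-Only": "default-src 'self'"},
    "weak": {"Content-Security-Policy":
             "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'"},
    "no_script_rule": {"content-security-policy": "frame-ancestors 'none'"},
    "strict": {"content-security-policy":
               "default-src 'self'; script-src 'self'; object-src 'none'"},
}

if __name__ == "__main__":
    for name, hdrs in SAMPLES.items():
        print(name, audit_csp(hdrs) or "ok")
```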
Affected Vendors
- D LINK SYSTEMS INC