CVE-2023-4324

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 15, 2023
Updated: Aug 21, 2023
CWE ID 787

Summary

CVE-2023-4324 is a newly discovered vulnerability affecting Broadcom RAID Controller web interfaces. The issue stems from the absence of adequate HTTP Content-Security-Policy (CSP) headers, leaving these interfaces susceptible to various forms of code injection and cross-site scripting attacks. Since CSP headers are crucial for mitigating such risks by controlling the execution of scripts, this vulnerability can pose a significant threat to networks if left unaddressed. Organizations utilizing Broadcom RAID Controllers are recommended to apply the latest patches or update their CSP headers immediately to protect their systems from potential exploitation.
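The check below is an added example, not part of the original advisory or any vendor code: it audits a web interface's raw HTTP response head for a missing or weak Content-Security-Policy. The function names, finding labels and sample responses are constructed for illustration.

```python
# Added example: audit a raw HTTP response head for a missing or weak CSP.
# Sample responses are constructed; they are not captured from any real device.
NO_CSP = "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
WEAK = ("HTTP/1.1 200 OK\r\nContent-Security-Policy: default-src 'self'; "
        "script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\r\n\r\n")
STRICT = ("HTTP/1.1 200 OK\r\nContent-Security-Policy: default-src 'none'; "
          "script-src 'self'; object-src 'none'\r\n\r\n")

def parse_policy(value):
    """Split one policy into {directive: [sources]}; the first duplicate wins."""
    directives = {}
    for part in value.split(";"):
        tokens = part.split()
        if tokens:
            directives.setdefault(tokens[0].lower(), [t.lower() for t in tokens[1:]])
    return directives

def policy_findings(directives):
    """Return script-execution weaknesses of a single enforced policy."""
    src = directives.get("script-src", directives.get("default-src"))
    if src is None:  # no directive governs scripts at all
        return {"scripts-unrestricted"}
    found = set()
    # Browsers ignore 'unsafe-inline' when a nonce or hash source is present.
    strict = any(s.startswith(("'nonce-", "'sha256-", "'sha384-", "'sha512-")) for s in src)
    if "'unsafe-inline'" in src and not strict:
        found.add("unsafe-inline")
    if "'unsafe-eval'" in src:
        found.add("unsafe-eval")
    if any(s in ("*", "http:", "https:", "data:") for s in src):
        found.add("wildcard-source")
    return found

def audit_response(raw_head):
    """Return the set of CSP findings for a raw response head (empty set = none)."""
    enforced, report_only = [], False
    for line in raw_head.split("\r\n")[1:]:  # skip the status line
        if not line:
            break  # blank line ends the header block
        name, _, value = line.partition(":")
        name = name.strip().lower()
        if name == "content-security-policy":
            enforced += [parse_policy(p) for p in value.split(",")]
        elif name == "content-security-policy-report-only":
            report_only = True  # reports violations but blocks nothing
    if not enforced:
        return {"csp-report-only" if report_only else "csp-missing"}
    # A script must satisfy every enforced policy, so a weakness is
    # effective only when all policies share it.
    return set.intersection(*(policy_findings(p) for p in enforced))
```

An empty result means no finding from these checks only; it does not establish that the policy is adequate in every respect.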
