CVE-2023-4326
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Aug 15, 2023
Updated: Aug 21, 2023
CWE ID 532
Summary
CVE-2023-4326: A vulnerability was discovered in Broadcom RAID Controller's web interface, allowing for insecure connections due to its default TLS configuration that supports outdated SHA1-based ciphersuites. This weakness exposes affected systems to potential man-in-the-middle attacks, putting sensitive data at risk. Users are advised to update their configurations to disable these obsolete ciphersuites and enable more secure alternatives to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- Milesight