CVE-2023-4326

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 15, 2023
Updated: Aug 21, 2023
CWE ID 532

Summary

CVE-2023-4326: A vulnerability was discovered in Broadcom RAID Controller's web interface, allowing for insecure connections due to its default TLS configuration that supports outdated SHA1-based ciphersuites. This weakness exposes affected systems to potential man-in-the-middle attacks, putting sensitive data at risk. Users are advised to update their configurations to disable these obsolete ciphersuites and enable more secure alternatives to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share