CVE-2023-4333

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Aug 15, 2023
Updated: Sep 8, 2023
CWE ID 79

Summary

CVE-2023-4333 refers to a vulnerability in Broadcom RAID Controller web interfaces. This issue arises due to the lack of enforcement of SSL cipher ordering by the servers, allowing potential attackers to downgrade encrypted connections to weaker encryption methods. An unauthorized user could exploit this weakness to gain unauthorized access to sensitive data transmitted over the affected interface. Organizations using Broadcom RAID Controllers are advised to apply the necessary patches to mitigate this risk and ensure secure communication.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share