CVE-2023-4339
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2023-4339 is a newly disclosed vulnerability affecting Broadcom RAID Controller web interfaces. This issue allows unauthorized users to access private keys used for Common Information Model (CIM) storage through insecure file permissions. The exposure of these keys poses a significant risk for data theft and unauthorized access to critical systems. Attackers can exploit this vulnerability by gaining unauthorized access to the RAID Controller web interface and obtaining the private keys. The impact of this vulnerability is heightened in environments where the RAID Controller handles sensitive data or manages critical infrastructure. It is crucial for organizations using Broadcom RAID Controllers to apply the necessary patches or configurations to mitigate this risk.
Affected Vendors
- Broadcom