CVE-2023-4344

CRITICAL

Broadcom RAID Controller - Info Disclosure

Title source: llm

Description

Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection

References (2)

Scores

CVSS v3 9.8
EPSS 0.0008
EPSS Percentile 24.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-331 CWE-330
Status published

Affected Products (1)

broadcom/raid_controller_web_interface

Timeline

Published Aug 15, 2023
Tracked Since Feb 18, 2026