Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web interface vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-4334
Broadcom RAID Controller Web server (nginx) is serving private files without any authentication
Broadcom Raid Controller Web Interface 51.12.0-2779
9.8
CVSSv3
CVE-2023-4336
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute
Broadcom Raid Controller Web Interface 51.12.0-2779
9.8
CVSSv3
CVE-2023-4337
Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation
Broadcom Raid Controller Web Interface 51.12.0-2779
9.8
CVSSv3
CVE-2023-4338
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers
Broadcom Raid Controller Web Interface 51.12.0-2779
7.5
CVSSv3
CVE-2023-4339
Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions
Broadcom Raid Controller Web Interface 51.12.0-2779
9.8
CVSSv3
CVE-2023-4340
Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file
Broadcom Raid Controller Web Interface 51.12.0-2779
9.8
CVSSv3
CVE-2023-4341
Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI
Broadcom Raid Controller Web Interface 51.12.0-2779
9.8
CVSSv3
CVE-2023-4342
Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy
Broadcom Raid Controller Web Interface 51.12.0-2779
7.5
CVSSv3
CVE-2023-4343
Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter
Broadcom Raid Controller Web Interface 51.12.0-2779
6.5
CVSSv3
CVE-2023-4345
Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user
Broadcom Raid Controller Web Interface 51.12.0-2779
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »