CVE-2023-4337

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published: Aug 15, 2023
Updated: Aug 21, 2023
CWE ID 89

Summary

CVE-2023-4337 refers to a vulnerability in Broadcom RAID Controller's web interface. This issue arises due to improper session handling of managed servers on Gateway installations. An attacker can exploit this flaw by hijacking a user session, potentially gaining unauthorized access to the RAID controller and its associated data. The vulnerability poses a significant risk, especially in environments where sensitive data is stored or managed. System administrators are advised to apply the available patches promptly to mitigate this threat.
