浏览 22+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-4324 | Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers | Broadcom | LSI Storage Authority (LSA) | 超危 | - | 2023-08-15 18:25:39 | Deep Dive |
| CVE-2023-4325 | Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities | Broadcom | LSI Storage Authority (LSA) | 超危 | - | 2023-08-15 18:25:39 | Deep Dive |
| CVE-2023-4326 | Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites | Broadcom | LSI Storage Authority (LSA) | 高危 | - | 2023-08-15 18:25:39 | Deep Dive |
| CVE-2023-4327 | Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux | Broadcom | LSI Storage Authority (LSA) | 中危 | - | 2023-08-15 18:25:38 | Deep Dive |
| CVE-2023-4328 | Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux | Broadcom | LSI Storage Authority (LSA) | 中危 | - | 2023-08-15 18:25:38 | Deep Dive |
| CVE-2023-4329 | Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute | Broadcom | LSI Storage Authority (LSA) | 超危 | - | 2023-08-15 18:25:38 | Deep Dive |
| CVE-2023-4335 | Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux | Broadcom | LSI Storage Authority (LSA) | 高危 | - | 2023-08-15 18:25:37 | Deep Dive |
| CVE-2023-4337 | Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation | Broadcom | LSI Storage Authority (LSA) | 超危 | - | 2023-08-15 18:25:37 | Deep Dive |
| CVE-2023-4336 | Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute | Broadcom | LSI Storage Authority (LSA) | 超危 | - | 2023-08-15 18:25:37 | Deep Dive |
| CVE-2023-4334 | Broadcom RAID Controller Web server (nginx) is serving private files without any authentication | Broadcom | LSI Storage Authority (LSA) | 高危 | - | 2023-08-15 18:25:37 | Deep Dive |
| CVE-2023-4333 | Broadcom RAID Controller web interface doesn’t enforce SSL cipher ordering by server | Broadcom | LSI Storage Authority (LSA) | 中危 | - | 2023-08-15 18:25:37 | Deep Dive |
| CVE-2023-4332 | Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file | Broadcom | LSI Storage Authority (LSA) | 高危 | - | 2023-08-15 18:25:37 | Deep Dive |
| CVE-2023-4331 | Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocols | Broadcom | LSI Storage Authority (LSA) | 高危 | - | 2023-08-15 18:25:37 | Deep Dive |
| CVE-2023-4338 | Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers | Broadcom | LSI Storage Authority (LSA) | 超危 | - | 2023-08-15 18:25:36 | Deep Dive |
| CVE-2023-4339 | Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions | Broadcom | LSI Storage Authority (LSA) | 高危 | - | 2023-08-15 18:25:35 | Deep Dive |
| CVE-2023-4340 | Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file | Broadcom | LSI Storage Authority (LSA) | 超危 | - | 2023-08-15 18:25:35 | Deep Dive |
| CVE-2023-4341 | Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI | Broadcom | LSI Storage Authority (LSA) | 超危 | - | 2023-08-15 18:25:35 | Deep Dive |
| CVE-2023-4342 | Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy | Broadcom | LSI Storage Authority (LSA) | 超危 | - | 2023-08-15 18:25:34 | Deep Dive |
| CVE-2023-4343 | Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter | Broadcom | LSI Storage Authority (LSA) | 高危 | - | 2023-08-15 18:25:34 | Deep Dive |
| CVE-2023-4344 | Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection | Broadcom | LSI Storage Authority (LSA) | 超危 | - | 2023-08-15 18:25:34 | Deep Dive |