Insecure Default HTTP Configuration in Broadcom RAID Controller Web Interface Exposes SESSIONID Cookie Vulnerability
CVE-2023-4329 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
The Broadcom RAID Controller web interface is vulnerable because its insecure default HTTP configuration does not protect the SESSIONID cookie with the SameSite attribute.
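One way to check a web interface's responses for this condition, as an added example that is not part of the original advisory or any Broadcom code: the function names and the sample `Set-Cookie` values below are constructed for illustration, and only the cookie name SESSIONID comes from the advisory.

```python
"""Audit Set-Cookie header values for a session cookie lacking SameSite."""

COOKIE_NAME = "SESSIONID"  # cookie named in the advisory
VALID_SAMESITE = ("strict", "lax", "none")


def parse_set_cookie(header_value):
    """Split one Set-Cookie value into (name, value, attrs).

    Attribute names are case-insensitive, so they are lowercased;
    the cookie name itself is case-sensitive and kept as sent.
    """
    parts = [p.strip() for p in header_value.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def samesite_finding(header_value, cookie_name=COOKIE_NAME):
    """Return a finding string for cookie_name, or None if there is nothing to report."""
    name, _, attrs = parse_set_cookie(header_value)
    if name != cookie_name:
        return None
    samesite = attrs.get("samesite")
    if samesite is None:
        return "missing SameSite"
    if samesite.lower() not in VALID_SAMESITE:
        return "invalid SameSite value"
    if samesite.lower() == "none":
        return "SameSite=None (cookie is sent on cross-site requests)"
    return None


def audit(set_cookie_headers, cookie_name=COOKIE_NAME):
    """Return (header, finding) pairs for every header that fails the check."""
    results = ((h, samesite_finding(h, cookie_name)) for h in set_cookie_headers)
    return [(h, f) for h, f in results if f]


# Constructed sample values, not captured from a real controller.
SAMPLE_HEADERS = [
    "SESSIONID=abc123; Path=/; HttpOnly",
    "SESSIONID=abc123; Path=/; HttpOnly; SameSite=Strict",
    "SESSIONID=abc123; Path=/; Secure; SameSite=None",
    "lang=en; Path=/",
]

if __name__ == "__main__":
    for header, finding in audit(SAMPLE_HEADERS):
        print(f"{finding}: {header}")
```

Feed it the `Set-Cookie` values collected from the management interface's login response; any finding for SESSIONID means the session cookie is not restricted to same-site requests.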