Home

Description

Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection

PUBLISHED Reserved 2023-08-14 | Published 2023-08-15 | Updated 2025-11-04 | Assigner certcc

Problem types

CWE-331: Insufficient Entropy

Product status

Default status
affected

Any version before 7.017.011.000
affected

Default status
unaffected

Any version before 7.017.011.000
affected

Credits

Intel DCG finder

References

www.broadcom.com/support/resources/product-security-center

www.intel.com/...ecurity-center/advisory/intel-sa-00926.html

www.broadcom.com/support/resources/product-security-center

cve.org (CVE-2023-4344)

nvd.nist.gov (CVE-2023-4344)

Download JSON