CVE-2023-4328

CVE-2023-4328: Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux

Vendor Broadcom
Product LSI Storage Authority (LSA)
Weakness CWE-522 · Insufficiently protected credentials
Published August 15, 2023
Last update November 4, 2025

CVSS base score

What the vulnerability does

01Description

Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Windows

Key dates

02Disclosure timeline

August 15, 2023 CVE published
November 4, 2025 Record updated