Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection
The product uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Raid_controller_web_interface | Broadcom | 51.12.0-2779 (including) | 51.12.0-2779 (including) |