CVE-2023-22363 MEDIUM

CVE-2023-22363: Access Zone stack overflow

Vendor Gallagher
Product Command Centre
Weakness CWE-121
Published July 24, 2023
Last update October 17, 2024

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

A stack-based buffer overflow in the Command Centre Server allows an attacker to cause a denial of service attack via assigning cardholders to an Access Group. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 (MR2)

Key dates

02Disclosure timeline

July 24, 2023 CVE published
October 17, 2024 Record updated