CVE-2023-22363 - OpenCVE

A stack-based buffer overflow in the Command Centre Server allows an attacker to cause a denial of service attack via assigning cardholders to an Access Group. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 (MR2)

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Gallagher	Command Centre

Configuration 1 [-]

cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*

References

Link	Resource
https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2023-22363	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Gallagher

Published: 2023-07-24T23:09:14.127Z

Updated: 2023-07-24T23:09:14.127Z

Reserved: 2023-02-03T20:38:05.254Z

Link: CVE-2023-22363

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-07-25T00:15:09.540

Modified: 2023-08-01T19:50:33.197

Link: CVE-2023-22363

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-22363", "assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc", "state": "PUBLISHED", "assignerShortName": "Gallagher", "dateReserved": "2023-02-03T20:38:05.254Z", "datePublished": "2023-07-24T23:09:14.127Z", "dateUpdated": "2023-07-24T23:09:14.127Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc", "shortName": "Gallagher", "dateUpdated": "2023-07-24T23:09:14.127Z"}, "title": "Access Zone stack overflow", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-121", "description": "CWE-121 Stack-based buffer overflow", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "affected": [{"vendor": "Gallagher", "product": "Command Centre", "versions": [{"status": "affected", "version": "vEL8.80", "lessThan": "1192", "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "\nA stack-based buffer overflow in the Command Centre Server allows an attacker to cause a denial of service attack via assigning cardholders to an Access Group.\n\nThis issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 (MR2)\n\n", "supportingMedia": [{"type": "text/html", "base64": false, "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">A stack-based buffer overflow in the Command Centre Server allows an attacker to cause a denial of service attack via assigning cardholders to an Access Group.</span>\n\n<p>This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 (MR2)</p>"}]}], "references": [{"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2023-22363"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}}], "source": {"discovery": "INTERNAL"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}