CVE-2023-22363

MEDIUM

Gallagher Command Centre 8.80 < 8.80.1192 - Denial of Service via Cardholder Access Group Assignment

Title source: llm

Description

A stack-based buffer overflow in the Command Centre Server allows an attacker to cause a denial of service attack via assigning cardholders to an Access Group. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 (MR2)

References (1)

Core 1

Core References

Vendor Advisory

https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2023-22363

Scores

CVSS v3 6.5

EPSS 0.0051

EPSS Percentile 39.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-121 CWE-787

Status published

Products (1)

gallagher/command_centre 8.80 - 8.80.1192

Published Jul 25, 2023

Tracked Since Feb 18, 2026