Headline
CVE-2023-22363: CVE-2023-22363
A stack-based buffer overflow in the Command Centre Server allows an attacker to cause a denial of service attack via assigning cardholders to an Access Group.
This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 (MR2)
Severity: Medium CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Components affected: Command Centre Server
Version of Command Centre affected: 8.80 prior to 8.80.1192 (MR2)
Reported by: Gallagher Internal
Active exploitation of vulnerability*: No
Description of vulnerability: A stack-based buffer overflow in the Command Centre Server allows an attacker to cause a denial-of-service attack via assigning cardholders to an Access Group.
Mitigation: None
Maintenance releases are now available for:
- vEL8.80.1192 (MR2)
*This indicates whether Gallagher are aware of this being actively exploited against customer sites at the time of publication.