CVE-2023-22363

Severity: Medium CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Components affected: Command Centre Server

Version of Command Centre affected:  8.80 prior to 8.80.1192 (MR2)

Reported by: Gallagher Internal

Active exploitation of vulnerability*: No

Description of vulnerability: A stack-based buffer overflow in the Command Centre Server allows an attacker to cause a denial-of-service attack via assigning cardholders to an Access Group.

Mitigation: None

Maintenance releases are now available for:

• vEL8.80.1192 (MR2)

*This indicates whether Gallagher are aware of this being actively exploited against customer sites at the time of publication.