CVE-2023-22428
7.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
6.5 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
18.1%
Improper privilege validation in Command Centre Server allows authenticated operators to modify Division lineage.
This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 (MR2), vEL8.70 prior to vEL8.70.2185 (MR4), vEL8.60 prior to vEL8.60.2347 (MR6), vEL8.50 prior to vEL8.50.2831(MR8), vEL8.40 and prior.
Affected configurations
CNA Affected
[
{
"vendor": "Gallagher",
"product": "Command Centre",
"versions": [
{
"status": "affected",
"version": "vEL8.80",
"lessThan": "1192",
"versionType": "custom"
},
{
"status": "affected",
"version": "vEL8.70",
"lessThan": "2185",
"versionType": "custom"
},
{
"status": "affected",
"version": "vEL8.60",
"lessThan": "2347",
"versionType": "custom"
},
{
"status": "affected",
"version": "vEL8.50",
"lessThan": "2831",
"versionType": "custom"
},
{
"status": "affected",
"version": "vEL8.40"
}
],
"defaultStatus": "unaffected"
}
]Related
7.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
6.5 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
18.1%