CVE-2023-23584

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Dec 18, 2023

Updated: Jan 5, 2024

CWE ID 203

CWE ID 204

Summary

CVE-2023-23584 is a vulnerability affecting the Gallagher Command Centre RESTAPI. It allows insufficiently-privileged users to infer the presence of items that should not be viewable, based on observable response discrepancies. This issue puts version 8.70 of Gallagher Command Centre before vEL8.70.1787 (MR2), 8.60 before vEL8.60.2039 (MR4), and all versions of 8.50 and older at risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Gallagher Command Centre

Affected Vendors

Gallagher

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/t2V2lh
https://www.cve.org/CVERecord?id=CVE-2023-23584
https://nvd.nist.gov/vuln/detail/CVE-2023-23584

Back to Vulnerability Database