PT-2023-18458 · Unknown · Command Centre

Published 2023-07-24 · Updated 2023-08-01 · CVE-2023-22363

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Command Centre versions vEL8.80 prior to vEL8.80.1192 (MR2)

Description

A stack-based buffer overflow in the Command Centre Server allows an attacker to cause a denial of service by assigning cardholders to an Access Group.

Recommendations

For versions vEL8.80 prior to vEL8.80.1192 (MR2), update to version vEL8.80.1192 (MR2) or later to resolve the issue. As a temporary workaround, consider restricting access to the Command Centre Server to minimize the risk of exploitation. Avoid assigning cardholders to an Access Group until the issue is resolved.

Fix

Stack Overflow

Memory Corruption

Weakness Enumeration

Related Identifiers

CVE-2023-22363

Affected Products

Command Centre