CVE-2024-23194

Summary

Improper output Neutralization for Logs (CWE-117) in the Command Centre API Diagnostics Endpoint could allow an attacker limited ability to modify Command Centre log files.

This issue affects: Gallagher Command Centre v9.10 prior to vEL9.10.1268 (MR1).

Affected Software

VendorProductVersion RangeStatus
GallagherCommand Centre9.10 < vEL9.10.1268affected

Weaknesses

  • CWE-117: CWE-117 Improper Output Neutralization for Logs

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References