CVE-2024-23194
3.3
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Summary
Improper output Neutralization for Logs (CWE-117) in the Command Centre API Diagnostics Endpoint could allow an attacker limited ability to modify Command Centre log files.
This issue affects: Gallagher Command Centre v9.10 prior to vEL9.10.1268 (MR1).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Gallagher | Command Centre | 9.10 < vEL9.10.1268 | affected |
Weaknesses
- CWE-117: CWE-117 Improper Output Neutralization for Logs
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.