CVE-2023-24584 (GCVE-0-2023-24584)
Vulnerability from cvelistv5
Published
2023-06-01 04:08
Modified
2025-01-10 18:47
Severity
CVSS v3.1 7.5 HIGH as scored by the CNA (Gallagher): CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H. NVD's own primary assessment of the same issue is 9.8 CRITICAL (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H); the two vectors differ only in Attack Complexity (H vs L) and User Interaction (R vs N), which is what moves an unauthenticated network-reachable memory-corruption bug from HIGH to CRITICAL.
CISA SSVC (2025-01-10): Exploitation none, Automatable no, Technical Impact total.
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Summary
Controller 6000 is vulnerable to a buffer overflow via the Controller diagnostic web interface upload feature.
Affected: Controller 6000 firmware before vCR8.80.230201a on the 8.80 branch, before vCR8.70.230201a on 8.70, before vCR8.60.230201b on 8.60, before vCR8.50.230201a on 8.50, and all versions of vCR8.40 and prior (no fixed build is listed for those older branches). The fix is per branch, so a controller must be compared against the fixed build of its own branch, not against the highest version listed.
Workarounds (vendor, from the record)
Ensure dipswitch 1 is turned off on all Controllers and the option "Dipswitch 1 controls the diagnostic web interface" is not checked in Configuration Client on Controller property pages. Do not use the Controller override "Enable WWW Connections". Refer to the Gallagher Command Centre Hardening Guide for more details.
References
- https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2023-24584 (vendor advisory)
Impacted products
Vendor | Product | Version
---|---|---
Gallagher | Controller 6000 | 0 < vCR8.80.230201a (8.80 branch)
Gallagher | Controller 6000 | 0 < vCR8.70.230201a (8.70 branch)
Gallagher | Controller 6000 | 0 < vCR8.60.230201b (8.60 branch)
Gallagher | Controller 6000 | 0 < vCR8.50.230201a (8.50 branch)
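Deciding whether a given controller is affected is not a plain string compare: the record fixes each release branch separately (8.50, 8.60, 8.70 and 8.80 each have their own fixed build, and 8.60 needed a second rebuild, "b"), while everything at 8.40 or earlier is affected whatever its build. The script below is an added example, not Gallagher's tooling or code. It assumes the version format vCR<major>.<minor>.<YYMMDD><letter> inferred from the identifiers in this record (the NVD CPE form without the "vCR" prefix is accepted too); the rule that a build with no trailing letter sorts before the same date with a letter is my assumption; and branches newer than 8.80 are reported as unaffected because the record's defaultStatus is "unaffected". The inventory at the bottom is constructed sample data.

```python
import re
from typing import NamedTuple, Optional

# Fixed builds per release branch, taken from the CNA "lessThan" entries in this record.
# A build on one of these branches that sorts below the fixed build is affected.
FIXED_BUILDS = {
    (8, 50): (230201, "a"),
    (8, 60): (230201, "b"),
    (8, 70): (230201, "a"),
    (8, 80): (230201, "a"),
}
OLDEST_FIXED_BRANCH = min(FIXED_BUILDS)  # (8, 50): every branch below it is affected

# Assumed format: optional "vCR" prefix, major.minor, optional .YYMMDD build plus rebuild letter.
VERSION_RE = re.compile(r"^(?:vCR)?(\d+)\.(\d+)(?:\.(\d{6})([a-z]?))?$")


class Version(NamedTuple):
    major: int
    minor: int
    build: Optional[int]  # YYMMDD build date, None if the string carries only a branch
    suffix: str           # rebuild letter ("a", "b", ...); "" if none (assumed to sort first)


def parse_version(text: str) -> Version:
    """Parse a Controller 6000 firmware version string such as 'vCR8.60.230201b'."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Controller 6000 version string: {text!r}")
    major, minor, build, suffix = m.groups()
    return Version(int(major), int(minor), int(build) if build else None, suffix or "")


def is_affected(text: str) -> bool:
    """True if the firmware version falls inside the CVE-2023-24584 affected ranges."""
    v = parse_version(text)
    branch = (v.major, v.minor)
    if branch < OLDEST_FIXED_BRANCH:
        return True  # "all versions of vCR8.40 and prior": no fixed build exists
    if branch not in FIXED_BUILDS:
        return False  # branch newer than the record covers; defaultStatus is "unaffected"
    if v.build is None:
        raise ValueError(f"{text!r}: build date needed to decide on branch {v.major}.{v.minor}")
    return (v.build, v.suffix) < FIXED_BUILDS[branch]


# Constructed sample inventory (hostname -> reported firmware); not real data.
SAMPLE_INVENTORY = {
    "ctrl-lobby": "vCR8.60.230201a",   # same date as the fix but rebuild "a" < "b": affected
    "ctrl-dock": "vCR8.80.230201a",    # exactly the fixed build: not affected
    "ctrl-legacy": "vCR8.40.221001a",  # 8.40 branch: affected regardless of build
}


def triage(inventory):
    """Map each host to its affected status; raises ValueError on an undecidable version."""
    return {name: is_affected(ver) for name, ver in inventory.items()}


if __name__ == "__main__":
    for name, affected in triage(SAMPLE_INVENTORY).items():
        print(f"{name}: {'AFFECTED' if affected else 'fixed/unaffected'}")
```

Feed it the firmware versions reported by Command Centre for each controller; any host flagged AFFECTED should either be upgraded to its branch's fixed build or have the diagnostic web interface disabled per the workaround in the record.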
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T11:03:18.735Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2023-24584" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-24584", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-10T18:46:54.400796Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-10T18:47:07.773Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Controller 6000", "vendor": "Gallagher", "versions": [ { "lessThan": "vCR8.80.230201a", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "vCR8.70.230201a", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "vCR8.60.230201b", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "vCR8.50.230201a", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eController 6000 is vulnerable to a buffer overflow via the Controller diagnostic web interface upload feature. 
\u003c/span\u003e\n\n\u003cbr\u003e\u003c/p\u003e\u003cp\u003eThis issue affects Controller 6000: before vCR8.80.230201a, before vCR8.70.230201a, before vCR8.60.230201b, before vCR8.50.230201a,\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eall versions of vCR8.40 and prior.\u003c/span\u003e\u003c/p\u003e" } ], "value": "\nController 6000 is vulnerable to a buffer overflow via the Controller diagnostic web interface upload feature. \n\n\n\n\nThis issue affects Controller 6000: before vCR8.80.230201a, before vCR8.70.230201a, before vCR8.60.230201b, before vCR8.50.230201a,\u00a0all versions of vCR8.40 and prior.\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-01T04:08:35.754Z", "orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc", "shortName": "Gallagher" }, "references": [ { "url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2023-24584" } ], "source": { "discovery": "UNKNOWN" }, "title": "Controller 6000 buffer overflow via upload feature in web interface", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eEnsure dipswitch 1 is turned off on all Controllers and the option, \"Dipswitch 1 controls the diagnostic web interface\", is not checked in 
Configuration Client on Controller property pages. Do not use the Controller override, \"Enable WWW Connections\". Refer to the Gallagher Command Centre Hardening Guide for more details.\u003c/span\u003e\n\n\u003cbr\u003e" } ], "value": "\nEnsure dipswitch 1 is turned off on all Controllers and the option, \"Dipswitch 1 controls the diagnostic web interface\", is not checked in Configuration Client on Controller property pages. Do not use the Controller override, \"Enable WWW Connections\". Refer to the Gallagher Command Centre Hardening Guide for more details.\n\n\n" } ], "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc", "assignerShortName": "Gallagher", "cveId": "CVE-2023-24584", "datePublished": "2023-06-01T04:08:35.754Z", "dateReserved": "2023-02-03T20:38:05.230Z", "dateUpdated": "2025-01-10T18:47:07.773Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2023-24584\",\"sourceIdentifier\":\"disclosures@gallagher.com\",\"published\":\"2023-06-01T05:15:09.767\",\"lastModified\":\"2024-11-21T07:48:10.787\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"\\nController 6000 is vulnerable to a buffer overflow via the Controller diagnostic web interface upload feature. 
\\n\\n\\n\\n\\nThis issue affects Controller 6000: before vCR8.80.230201a, before vCR8.70.230201a, before vCR8.60.230201b, before vCR8.50.230201a,\u00a0all versions of vCR8.40 and prior.\\n\\n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"disclosures@gallagher.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"disclosures@gallagher.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:gallagher:controller_6000_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.50.230201a\",\"matchCriteriaId\":\"D2145115-B3C0-450E-B8E4-F9E0CA60E532\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:gallagher:controller_6000_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.60\",\"versionEndExcluding\":\"8.60.230201b\",\"matchCriteriaId\":\"1C59CC87-0F34-4B34-A8E9-4
A8EC922067F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:gallagher:controller_6000_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.70\",\"versionEndExcluding\":\"8.70.230201a\",\"matchCriteriaId\":\"33EB0365-40C7-4750-A013-37B655A24FE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:gallagher:controller_6000_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.80\",\"versionEndExcluding\":\"8.80.230201a\",\"matchCriteriaId\":\"3F952C1B-EA21-4179-A8CF-84952EBE2478\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:gallagher:controller_6000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AF2B03B-B033-439F-8CEE-334FA8053278\"}]}]}],\"references\":[{\"url\":\"https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2023-24584\",\"source\":\"disclosures@gallagher.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2023-24584\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}", "vulnrichment": { "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2023-24584\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T11:03:18.735Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-24584\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-10T18:46:54.400796Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-10T18:47:03.797Z\"}}], \"cna\": {\"title\": \"Controller 6000 buffer overflow via upload feature in web 
interface\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Gallagher\", \"product\": \"Controller 6000\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"vCR8.80.230201a\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"vCR8.70.230201a\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"vCR8.60.230201b\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"vCR8.50.230201a\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2023-24584\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"\\nEnsure dipswitch 1 is turned off on all Controllers and the option, \\\"Dipswitch 1 controls the diagnostic web interface\\\", is not checked in Configuration Client on Controller property pages. Do not use the Controller override, \\\"Enable WWW Connections\\\". Refer to the Gallagher Command Centre Hardening Guide for more details.\\n\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\\n\\n\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eEnsure dipswitch 1 is turned off on all Controllers and the option, \\\"Dipswitch 1 controls the diagnostic web interface\\\", is not checked in Configuration Client on Controller property pages. 
Do not use the Controller override, \\\"Enable WWW Connections\\\". Refer to the Gallagher Command Centre Hardening Guide for more details.\u003c/span\u003e\\n\\n\u003cbr\u003e\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"\\nController 6000 is vulnerable to a buffer overflow via the Controller diagnostic web interface upload feature. \\n\\n\\n\\n\\nThis issue affects Controller 6000: before vCR8.80.230201a, before vCR8.70.230201a, before vCR8.60.230201b, before vCR8.50.230201a,\\u00a0all versions of vCR8.40 and prior.\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003e\\n\\n\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eController 6000 is vulnerable to a buffer overflow via the Controller diagnostic web interface upload feature. \u003c/span\u003e\\n\\n\u003cbr\u003e\u003c/p\u003e\u003cp\u003eThis issue affects Controller 6000: before vCR8.80.230201a, before vCR8.70.230201a, before vCR8.60.230201b, before vCR8.50.230201a,\u0026nbsp;\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eall versions of vCR8.40 and prior.\u003c/span\u003e\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-120\", \"description\": \"CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"0c426f27-3ee1-4eff-be88-288d5a1822bc\", \"shortName\": \"Gallagher\", \"dateUpdated\": \"2023-06-01T04:08:35.754Z\"}}}", "cveMetadata": "{\"cveId\": \"CVE-2023-24584\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-10T18:47:07.773Z\", \"dateReserved\": \"2023-02-03T20:38:05.230Z\", \"assignerOrgId\": \"0c426f27-3ee1-4eff-be88-288d5a1822bc\", \"datePublished\": \"2023-06-01T04:08:35.754Z\", \"assignerShortName\": \"Gallagher\"}", "dataType": "CVE_RECORD", "dataVersion": "5.1" } } }
Sightings
No sightings have been recorded for this vulnerability.
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.