{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-24584", "assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc", "state": "PUBLISHED", "assignerShortName": "Gallagher", "dateReserved": "2023-02-03T20:38:05.230Z", "datePublished": "2023-06-01T04:08:35.754Z", "dateUpdated": "2025-01-10T18:47:07.773Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc", "shortName": "Gallagher", "dateUpdated": "2023-06-01T04:08:35.754Z"}, "title": "Controller 6000 buffer overflow via upload feature in web interface", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", "type": "CWE"}]}], "affected": [{"vendor": "Gallagher", "product": "Controller 6000", "versions": [{"status": "affected", "version": "0", "lessThan": "vCR8.80.230201a", "versionType": "custom"}, {"status": "affected", "version": "0", "lessThan": "vCR8.70.230201a", "versionType": "custom"}, {"status": "affected", "version": "0", "lessThan": "vCR8.60.230201b", "versionType": "custom"}, {"status": "affected", "version": "0", "lessThan": "vCR8.50.230201a", "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "\nController 6000 is vulnerable to a buffer overflow via the Controller diagnostic web interface upload feature. \n\n\n\n\nThis issue affects Controller 6000: before vCR8.80.230201a, before vCR8.70.230201a, before vCR8.60.230201b, before vCR8.50.230201a,\u00a0all versions of vCR8.40 and prior.\n\n", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>\n\n<span style=\"background-color: rgb(255, 255, 255);\">Controller 6000 is vulnerable to a buffer overflow via the Controller diagnostic web interface upload feature. 
</span>\n\n<br></p><p>This issue affects Controller 6000: before vCR8.80.230201a, before vCR8.70.230201a, before vCR8.60.230201b, before vCR8.50.230201a, <span style=\"background-color: rgb(255, 255, 255);\">all versions of vCR8.40 and prior.</span></p>"}]}], "references": [{"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2023-24584"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}}], "workarounds": [{"lang": "en", "value": "\nEnsure dipswitch 1 is turned off on all Controllers and the option, \"Dipswitch 1 controls the diagnostic web interface\", is not checked in Configuration Client on Controller property pages. Do not use the Controller override, \"Enable WWW Connections\". Refer to the Gallagher Command Centre Hardening Guide for more details.\n\n\n", "supportingMedia": [{"type": "text/html", "base64": false, "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Ensure dipswitch 1 is turned off on all Controllers and the option, \"Dipswitch 1 controls the diagnostic web interface\", is not checked in Configuration Client on Controller property pages. Do not use the Controller override, \"Enable WWW Connections\". 
Refer to the Gallagher Command Centre Hardening Guide for more details.</span>\n\n<br>"}]}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T11:03:18.735Z"}, "title": "CVE Program Container", "references": [{"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2023-24584", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-10T18:46:54.400796Z", "id": "CVE-2023-24584", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-10T18:47:07.773Z"}}]}}