Vulnerability Details CVE-2023-24584
Controller 6000 is vulnerable to a buffer overflow via the Controller diagnostic web interface upload feature.
This issue affects Controller 6000: before vCR8.80.230201a, before vCR8.70.230201a, before vCR8.60.230201b, before vCR8.50.230201a, all versions of vCR8.40 and prior.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.6%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2023-24584
-
cpe:2.3:h:gallagher:controller_6000:-
-
cpe:2.3:o:gallagher:controller_6000_firmware:-
-
cpe:2.3:o:gallagher:controller_6000_firmware:8.30
-
cpe:2.3:o:gallagher:controller_6000_firmware:8.30.220303a
-
cpe:2.3:o:gallagher:controller_6000_firmware:8.40
-
cpe:2.3:o:gallagher:controller_6000_firmware:8.40.220303a
-
cpe:2.3:o:gallagher:controller_6000_firmware:8.50
-
cpe:2.3:o:gallagher:controller_6000_firmware:8.50.220303a
-
cpe:2.3:o:gallagher:controller_6000_firmware:8.60
-
cpe:2.3:o:gallagher:controller_6000_firmware:8.60.220303a
-
cpe:2.3:o:gallagher:controller_6000_firmware:8.70
-
cpe:2.3:o:gallagher:controller_6000_firmware:8.80