Vulnerability Details CVE-2023-46686
A reliance on untrusted inputs in a security decision could be exploited by a privileged user to configure the Gallagher Command Centre Diagnostics Service to use less secure communication protocols.
This issue affects: Gallagher Diagnostics Service prior to v1.3.0 (distributed in 9.00.1507(MR1)).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.1%
CVSS Severity
CVSS v3 Score 5.5
References
Products affected by CVE-2023-46686
-
cpe:2.3:a:gallagher:command_centre:9.00
-
cpe:2.3:a:gallagher:command_centre:9.00.1507