CVE-2024-23317
CVSS V2 None
CVSS V3 None
Description
External Control of File Name or Path (CWE-73) in the Controller 6000 and Controller 7000 allows an attacker with local access to the Controller to perform arbitrary code execution.
This issue affects: 9.10 prior to vCR9.10.240520a (distributed in 9.10.1268(MR1)), 9.00 prior to vCR9.00.240521a (distributed in 9.00.1990(MR3)), 8.90 prior to vCR8.90.240520a (distributed in 8.90.1947 (MR4)), 8.80 prior to vCR8.80.240520a (distributed in 8.80.1726 (MR5)), 8.70 prior to vCR8.70.240520a (distributed in 8.70.2824 (MR7)), all versions of 8.60 and prior.
Overview
- CVE ID
- CVE-2024-23317
- Assigner
- Gallagher
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-07-11T02:39:28.129Z
- Last Modified Date
- 2024-07-11T02:39:28.129Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://security.gallagher.com/Security-Advisories/CVE-2024-23317 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-23317 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23317 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-07-11 13:11:12 | Added to TrackCVE |