How severe is CVE-2023-23576?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.3 out of 10.

What type of vulnerability is CVE-2023-23576?

This is classified as CWE-696, which is a common weakness in software security.

CVE-2023-23576 - MEDIUM Severity | CVSS 4.3

Vulnerability Description

Incorrect behavior order in the Command Centre Server could allow privileged users to gain physical access to the site for longer than intended after a network outage when competencies are used in the access decision. This issue affects: Gallagher Command Centre: 8.90 prior to vEL8.90.1620 (MR2), 8.80 prior to vEL8.80.1369 (MR3), 8.70 prior to vEL8.70.2375 (MR5), 8.60 prior to vEL8.60.2550 (MR7), all versions of 8.50 and prior.

Related Vulnerabilities

CVE-2023-52968

MEDIUM

CVSS:4.9(Medium)

MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fix_fields_if_needed under mysql_deriv...

CWE-6962023

CVE-2025-20012

MEDIUM

CVSS:4.9(Medium)

Incorrect behavior order for some Intel(R) Core™ Ultra Processors may allow an unauthenticated user to potentially enable information disclosure via physical access.

CWE-6962025

CVE-2024-45157

MEDIUM

CVSS:5.1(Medium)

An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorithm is not used. Unlike previously documented, enabling MBEDTLS_PSA_HMAC_DRBG_MD_TYPE does not ...

CWE-6962024

CVE-2024-35229

MEDIUM

CVSS:5.3(Medium)

ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. Prior to version 1.3.10, there is a very specific pattern `f(a(),b()); check_if_a_executed_last()` in Yul that exposes...

CWE-6962024

CVE-2021-22569

MEDIUM

CVSS:5.5(Medium)

An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for...

CWE-6962021

CVE-2024-30389

MEDIUM

CVSS:5.8(Medium)

An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity im...

CWE-6962024