High severity7.1NVD Advisory· Published Jul 25, 2023· Updated Jun 17, 2026
CVE-2023-25074
CVE-2023-25074
Description
Improper privilege validation in Command Centre Server allows authenticated unprivileged operators to modify and view Competencies.
This issue affects Command Centre: vEL8.90 prior to vEL8.90.1318 (MR1), vEL8.80 prior to vEL8.80.1192 (MR2), vEL8.70 prior to vEL8.70.2185 (MR4),
vEL8.60 prior to vEL8.60.2347 (MR6),
vEL8.50 prior to vEL8.50.2831 (MR8), all versions vEL8.40 and prior.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2vEL8.90 prior to vEL8.90.1318, vEL8.80 prior to vEL8.80.1192, vEL8.70 prior to vEL8.70.2185, vEL8.60 prior to vEL8.60.2347, vEL8.50 prior to vEL8.50.2831, all versions vEL8.40 and prior+ 1 more
- (no CPE)range: vEL8.90 prior to vEL8.90.1318, vEL8.80 prior to vEL8.80.1192, vEL8.70 prior to vEL8.70.2185, vEL8.60 prior to vEL8.60.2347, vEL8.50 prior to vEL8.50.2831, all versions vEL8.40 and prior
- (no CPE)range: vEL8.40
Patches
Vulnerability mechanics
References
1- security.gallagher.com/en-NZ/Security-Advisories/CVE-2023-25074nvdVendor Advisory
News mentions
0No linked articles in our index yet.