Vulnerabilities > CVE-2019-19801 - Unspecified vulnerability in Gallagher Command Centre

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

local

low complexity

gallagher

NVD

Published: 2020-01-17

Updated: 2020-08-24

Summary

In Gallagher Command Centre Server versions of v8.10 prior to v8.10.1134(MR4), v8.00 prior to v8.00.1161(MR5), v7.90 prior to v7.90.991(MR5), v7.80 prior to v7.80.960(MR2) and v7.70 or earlier, an unprivileged but authenticated user is able to perform a backup of the Command Centre databases.

Vulnerable Configurations

Part	Description	Count
Application	Gallagher Gallagher Command Centre - Gallagher Command Centre 7.80 Gallagher Command Centre 7.80.939 Gallagher Command Centre 7.90 Gallagher Command Centre 7.90.0 Gallagher Command Centre 7.90.961 Gallagher Command Centre 8.10 Gallagher Command Centre 8.10.1092 Gallagher Command Centre 8.0 Gallagher Command Centre 8.00 Gallagher Command Centre 8.00.1128 Gallagher Command Centre 8.10.1134 Gallagher Command Centre 8.00.1161 Gallagher Command Centre 7.90.991 Gallagher Command Centre 7.80.960	15

References

https://security.gallagher.com/cve-2019-19801