8.30.1299

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

gallagher

CWE-862

NVD

Published: 2021-06-11

Updated: 2021-06-22

Summary

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gallagher Command Centre Server allows OSDP key material to be exposed to Command Centre Operators. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions prior to 8.30.1359 (MR3).

Vulnerable Configurations

Part	Description	Count
Application	Gallagher Gallagher Command Centre 8.30 Gallagher Command Centre 8.30.1236 Gallagher Command Centre 8.30.1299 Gallagher Command Centre *	6

Common Weakness Enumeration (CWE)

CWE-862 - Missing Authorization

References

https://security.gallagher.com/Security-Advisories/CVE-2021-23204