9.00.1507

CVSS 7.1 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

gallagher

NVD

Published: 2023-12-18

Updated: 2023-12-28

Summary

A reliance on untrusted inputs in a security decision could be exploited by a privileged user to configure the Gallagher Command Centre Diagnostics Service to use less secure communication protocols. This issue affects: Gallagher Diagnostics Service prior to v1.3.0 (distributed in 9.00.1507(MR1)).

Vulnerable Configurations

Part	Description	Count
Application	Gallagher Gallagher Command Centre 9.00 Gallagher Command Centre 9.00.1507	2

References

https://security.gallagher.com/Security-Advisories/CVE-2023-46686