Vulnerabilities > Gallagher > Command Centre > 8.10.1284

DATE CVE VULNERABILITY TITLE RISK
2021-11-18 CVE-2021-23146 Incorrect Comparison vulnerability in Gallagher Command Centre
An Incomplete Comparison with Missing Factors vulnerability in the Gallagher Controller allows an attacker to bypass PIV verification.
network
low complexity
gallagher CWE-697
7.5
2021-11-18 CVE-2021-23167 Improper Certificate Validation vulnerability in Gallagher Command Centre
Improper certificate validation vulnerability in SMTP Client allows man-in-the-middle attack to retrieve sensitive information from the Command Centre Server.
network
high complexity
gallagher CWE-295
6.8
2021-06-11 CVE-2021-23230 SQL Injection vulnerability in Gallagher Command Centre
A SQL Injection vulnerability in the OPCUA interface of Gallagher Command Centre allows a remote unprivileged Command Centre Operator to modify Command Centre databases undetected.
network
low complexity
gallagher CWE-89
4.3