Vulnerabilities > Gallagher > Command Centre > 8.20.1218
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-11-18 | CVE-2021-23146 | Incorrect Comparison vulnerability in Gallagher Command Centre An Incomplete Comparison with Missing Factors vulnerability in the Gallagher Controller allows an attacker to bypass PIV verification. | 7.5 |
2021-06-11 | CVE-2021-23136 | Unspecified vulnerability in Gallagher Command Centre Improper Authorization vulnerability in Gallagher Command Centre Server allows macro overrides to be performed by an unprivileged Command Centre Operator. | 6.5 |
2021-06-11 | CVE-2021-23140 | Unspecified vulnerability in Gallagher Command Centre Improper Authorization vulnerability in Gallagher Command Centre Server allows command line macros to be modified by an unauthorised Command Centre Operator. | 8.8 |
2021-06-11 | CVE-2021-23205 | Improper Encoding or Escaping of Output vulnerability in Gallagher Command Centre Improper Encoding or Escaping in Gallagher Command Centre Server allows a Command Centre Operator to alter the configuration of Controllers and other hardware items beyond their privilege. | 8.1 |
2021-06-11 | CVE-2021-23230 | SQL Injection vulnerability in Gallagher Command Centre A SQL Injection vulnerability in the OPCUA interface of Gallagher Command Centre allows a remote unprivileged Command Centre Operator to modify Command Centre databases undetected. | 4.3 |
2020-12-14 | CVE-2020-16102 | Missing Authentication for Critical Function vulnerability in Gallagher Command Centre Improper Authentication vulnerability in Gallagher Command Centre Server allows an unauthenticated remote attacker to create items with invalid configuration, potentially causing the server to crash and fail to restart. | 8.2 |