Vulnerabilities > Gallagher > Command Centre > 8.40.1888

DATE CVE VULNERABILITY TITLE RISK
2021-11-18 CVE-2021-23193 Improper Privilege Management vulnerability in Gallagher Command Centre
Improper privilege validation vulnerability in COM Interface of Gallagher Command Centre Server allows authenticated unprivileged operators to retrieve sensitive information from the Command Centre Server.
network
low complexity
gallagher CWE-269
6.5
2021-11-18 CVE-2021-23167 Improper Certificate Validation vulnerability in Gallagher Command Centre
Improper certificate validation vulnerability in SMTP Client allows man-in-the-middle attack to retrieve sensitive information from the Command Centre Server.
network
high complexity
gallagher CWE-295
6.8
2021-06-11 CVE-2021-23230 SQL Injection vulnerability in Gallagher Command Centre
A SQL Injection vulnerability in the OPCUA interface of Gallagher Command Centre allows a remote unprivileged Command Centre Operator to modify Command Centre databases undetected.
network
low complexity
gallagher CWE-89
4.3