Vulnerabilities > Gallagher > Command Centre > 8.50.2245

DATE CVE VULNERABILITY TITLE RISK
2024-03-05 CVE-2024-21815 Insufficiently Protected Credentials vulnerability in Gallagher Command Centre
Insufficiently protected credentials (CWE-522) for third party DVR integrations to the Command Centre Server are accessible to authenticated but unprivileged users.
network
low complexity
gallagher CWE-522
6.5
2024-03-05 CVE-2024-21838 Cross-site Scripting vulnerability in Gallagher Command Centre
Improper neutralization of special elements in output (CWE-74) used by the email generation feature of the Command Centre Server could lead to HTML code injection in emails generated by Command Centre.
network
low complexity
gallagher CWE-79
5.4
2023-12-18 CVE-2023-23570 Unspecified vulnerability in Gallagher Command Centre
Client-Side enforcement of Server-Side security for the Command Centre server could be bypassed and lead to invalid configuration with undefined behavior.
network
low complexity
gallagher
8.1
2023-07-25 CVE-2023-23568 Unspecified vulnerability in Gallagher Command Centre
Improper privilege validation in Command Centre Server allows authenticated unprivileged operators to modify and view Personal Data Fields. This issue affects Command Centre: vEL 8.90 prior to vEL8.90.1318 (MR1), vEL8.80 prior to vEL8.80.1192 (MR2), vEL8.70 prior to vEL8.70.2185 (MR4), vEL8.60 prior to vEL8.60.2347 (MR6), vEL8.50 prior to vEL8.50.2831 (MR8), all versions vEL8.40 and prior
network
low complexity
gallagher
5.4
2023-07-25 CVE-2023-25074 Unspecified vulnerability in Gallagher Command Centre
Improper privilege validation in Command Centre Server allows authenticated unprivileged operators to modify and view Competencies. This issue affects Command Centre: vEL8.90 prior to vEL8.90.1318 (MR1), vEL8.80 prior to vEL8.80.1192 (MR2), vEL8.70 prior to vEL8.70.2185 (MR4), vEL8.60 prior to vEL8.60.2347 (MR6), vEL8.50 prior to vEL8.50.2831 (MR8), all versions vEL8.40 and prior.
network
low complexity
gallagher
5.4
2023-07-24 CVE-2023-22428 Unspecified vulnerability in Gallagher Command Centre
Improper privilege validation in Command Centre Server allows authenticated operators to modify Division lineage. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 (MR2), vEL8.70 prior to vEL8.70.2185 (MR4), vEL8.60 prior to vEL8.60.2347 (MR6), vEL8.50 prior to vEL8.50.2831(MR8), vEL8.40 and prior.
network
low complexity
gallagher
6.5