Vulnerabilities > Gallagher > Command Centre > 8.50.2831

DATE CVE VULNERABILITY TITLE RISK
2024-03-05 CVE-2024-21815 Insufficiently Protected Credentials vulnerability in Gallagher Command Centre
Insufficiently protected credentials (CWE-522) for third party DVR integrations to the Command Centre Server are accessible to authenticated but unprivileged users.
network
low complexity
gallagher CWE-522
6.5
2024-03-05 CVE-2024-21838 Cross-site Scripting vulnerability in Gallagher Command Centre
Improper neutralization of special elements in output (CWE-74) used by the email generation feature of the Command Centre Server could lead to HTML code injection in emails generated by Command Centre.
network
low complexity
gallagher CWE-79
5.4
2023-12-18 CVE-2023-23570 Unspecified vulnerability in Gallagher Command Centre
Client-Side enforcement of Server-Side security for the Command Centre server could be bypassed and lead to invalid configuration with undefined behavior.
network
low complexity
gallagher
8.1