Vulnerabilities > Gallagher > Command Centre > 9.00

DATE CVE VULNERABILITY TITLE RISK
2024-03-05 CVE-2024-21815 Insufficiently Protected Credentials vulnerability in Gallagher Command Centre
Insufficiently protected credentials (CWE-522) for third party DVR integrations to the Command Centre Server are accessible to authenticated but unprivileged users.
network
low complexity
gallagher CWE-522
6.5
2024-03-05 CVE-2024-21838 Cross-site Scripting vulnerability in Gallagher Command Centre
Improper neutralization of special elements in output (CWE-74) used by the email generation feature of the Command Centre Server could lead to HTML code injection in emails generated by Command Centre.
network
low complexity
gallagher CWE-79
5.4
2023-12-18 CVE-2023-46686 Unspecified vulnerability in Gallagher Command Centre 9.00/9.00.1507
A reliance on untrusted inputs in a security decision could be exploited by a privileged user to configure the Gallagher Command Centre Diagnostics Service to use less secure communication protocols.
network
low complexity
gallagher
7.1