Vulnerabilities > Gallagher > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-06 | CVE-2022-26348 | SQL Injection vulnerability in Gallagher Command Centre Command Centre Server is vulnerable to SQL Injection via Windows Registry settings for date fields on the server. | 2.1 |
| 2021-06-11 | CVE-2021-23230 | SQL Injection vulnerability in Gallagher Command Centre A SQL Injection vulnerability in the OPCUA interface of Gallagher Command Centre allows a remote unprivileged Command Centre Operator to modify Command Centre databases undetected. | 3.5 |
| 2021-06-11 | CVE-2021-23211 | Cleartext Storage of Sensitive Information vulnerability in Gallagher Command Centre Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre Server allows Cloud end-to-end encryption key to be discoverable in server memory dumps. | 2.1 |
| 2020-09-15 | CVE-2020-16097 | Unspecified vulnerability in Gallagher Command Centre On controllers running versions of v8.20 prior to vCR8.20.200221b (distributed in v8.20.1093(MR2)), v8.10 prior to vGR8.10.179 (distributed in v8.10.1211(MR5)), v8.00 prior to vGR8.00.165 (Distributed in v8.00.1228(MR6)), v7.90 prior to vGR7.90.165 (distributed in v7.90.1038(MRX)), v7.80 or earlier, It is possible to retrieve site keys used for securing MIFARE Plus and Desfire using debug ports on T Series readers. | 2.1 |
| 2020-09-15 | CVE-2020-16099 | Unspecified vulnerability in Gallagher Command Centre 8.20/8.20.1093 In Gallagher Command Centre v8.20 prior to v8.20.1093(MR2) it is possible to create Guard Tour events that when accessed via things like reporting cause clients to temporarily hang or disconnect. network gallagher | 3.5 |
| 2020-01-20 | CVE-2020-7215 | Information Exposure vulnerability in Gallagher Command Centre An issue was discovered in Gallagher Command Centre 7.x before 7.90.991(MR5), 8.00 before 8.00.1161(MR5), and 8.10 before 8.10.1134(MR4). | 2.1 |
| 2020-01-17 | CVE-2019-19801 | Unspecified vulnerability in Gallagher Command Centre In Gallagher Command Centre Server versions of v8.10 prior to v8.10.1134(MR4), v8.00 prior to v8.00.1161(MR5), v7.90 prior to v7.90.991(MR5), v7.80 prior to v7.80.960(MR2) and v7.70 or earlier, an unprivileged but authenticated user is able to perform a backup of the Command Centre databases. | 2.1 |