Input validation

2021-11-1819:15:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.5%

JSON

Improper privilege validation vulnerability in COM Interface of Gallagher Command Centre Server allows authenticated unprivileged operators to retrieve sensitive information from the Command Centre Server. This issue affects: Gallagher Command Centre 8.50 versions prior to 8.50.2048 (MR3) ; 8.40 versions prior to 8.40.2063 (MR4); 8.30 versions prior to 8.30.1454 (MR4) ; 8.20 versions prior to 8.20.1291 (MR6); version 8.10 and prior versions.

CPENameOperatorVersion
command_centrele8.10
command_centrege8.20
command_centrelt8.20.1291
command_centrege8.30
command_centrelt8.30.1454
command_centrege8.40
command_centrelt8.40.2063
command_centrege8.50
command_centrelt8.50.2048

Name	Operator	Version
command_centre	le	8.10
command_centre	ge	8.20
command_centre	lt	8.20.1291
command_centre	ge	8.30
command_centre	lt	8.30.1454
command_centre	ge	8.40
command_centre	lt	8.40.2063
command_centre	ge	8.50
command_centre	lt	8.50.2048

References

security.gallagher.com/Security-Advisories/CVE-2021-23193