13 matches found
EUVD-2021-10300
Malware in sbrugna...
CVE-2024-21838
Improper neutralization of special elements in output CWE-74 used by the email generation feature of the Command Centre Server could lead to HTML code injection in emails generated by Command Centre. This issue affects: Gallagher Command Centre 9.00 prior to vEL9.00.1774 MR2, 8.90 prior to...
CVE-2021-23211
Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre Server allows Cloud end-to-end encryption key to be discoverable in server memory dumps. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 MR3...
CVE-2021-23205
Improper Encoding or Escaping in Gallagher Command Centre Server allows a Command Centre Operator to alter the configuration of Controllers and other hardware items beyond their privilege. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 MR3; 8.30 versions prior to...
Authorization
Improper Authorization vulnerability in Gallagher Command Centre Server allows macro overrides to be performed by an unprivileged Command Centre Operator. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 MR3; 8.30 versions prior to 8.30.1359 MR3; 8.20 versions prior t...
Information disclosure
Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre Server allows OSDP reader master keys to be discoverable in server memory dumps. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 MR3; All versions of 8.30...
CVE-2021-23182
The CVE-2021-23182 issue affects Gallagher Command Centre Server, where cleartext storage of sensitive information in memory enables discovery of OSDP reader master keys in server memory dumps. Affected are Gallagher Command Centre Server versions prior to 8.40.1888 (MR3) and all 8.30 versions. T...
CVE-2021-23205
Gallagher Command Centre Server is affected by an improper encoding/escaping vulnerability that lets a Command Centre Operator alter the configuration of controllers and other hardware items beyond their privileges. Affected versions include Gallagher Command Centre 8.40 before 8.40.1888 (MR3), 8...
CVE-2021-23204
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gallagher Command Centre Server allows OSDP key material to be exposed to Command Centre Operators. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 MR3; 8.30 versions prior to 8.30.1359 MR3...
CVE-2021-23182
Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre Server allows OSDP reader master keys to be discoverable in server memory dumps. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 MR3; All versions of 8.30...
PT-2021-15399 · Gallagher · Gallagher Command Centre Server
Name of the Vulnerable Software and Affected Versions: Gallagher Command Centre Server versions prior to 8.40.1888 MR3 Gallagher Command Centre Server version 8.30 Description: The issue is related to the cleartext storage of sensitive information in memory, specifically allowing OSDP reader mast...
CVE-2020-16103
Type confusion in Gallagher Command Centre Server allows a remote attacker to crash the server or possibly cause remote code execution. This issue affects: Gallagher Command Centre 8.30 versions prior to 8.30.1236MR1; 8.20 versions prior to 8.20.1166MR3; 8.10 versions prior to 8.10.1211MR5; versi...
CVE-2020-16103
CVE-2020-16103 is a type-confusion vulnerability in Gallagher Command Centre Server. Affected products include Gallagher Command Centre 8.30 (before 8.30.1236 MR1), 8.20 (before 8.20.1166 MR3), 8.10 (before 8.10.1211 MR5), and 8.00 and earlier versions. The issue allows a remote attacker to crash...