CVE-2019-12492

The CVE-2019-12492 entry concerns Gallagher Command Centre before 7.80.939, 7.90.x before 7.90.961, and 8.x before 8.00.1128. The connected documents indicate the vulnerability enables arbitrary event creation and information disclosure through the FT Command Centre Service and FT Controller Serv...

CVE-2019-19801

CVE-2019-19801 affects Gallagher Command Centre Server versions: v8.10 before 8.10.1134 (MR4), v8.00 before 8.00.1161 (MR5), v7.90 before 7.90.991 (MR5), v7.80 before 7.80.960 (MR2), and v7.70 or earlier. The issue allows an unprivileged but authenticated user to perform a backup of the Command C...

CVE-2020-7215

Gallagher Command Centre (versions 7.x prior to 7.90.991 MR5; 8.00 prior to 8.00.1161 MR5; 8.10 prior to 8.10.1134 MR4) contains an information disclosure vulnerability where external system configuration data used for third‑party integrations (e.g., DVR systems) is logged in the Event Trail. Any...

CVE-2019-19802

The CVE covers Gallagher Command Centre Server: affected versions are v8.10 before 8.10.1134 (MR4), v8.00 before 8.00.1161 (MR5), v7.90 before 7.90.991 (MR5), v7.80 before 7.80.960 (MR2), and v7.70 or earlier. An authenticated user connecting to OPC UA can view all data that would be replicated i...

CVE-2020-16104

CVE-2020-16104 describes an SQL injection vulnerability in the Enterprise Data Interface (EDI) of Gallagher Command Centre. Remote attackers with the privilege to edit EDI entries can execute arbitrary SQL against a third‑party database if EDI is configured to import data from that database. Affe...

CVE-2020-16102

Gallagher Command Centre Server is affected by an Improper Authentication vulnerability (CVE-2020-16102) allowing an unauthenticated remote attacker to create items with invalid configuration, potentially causing the server to crash and fail to restart. Public references list affected versions: 8...