Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallagher command centre vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-16101
It is possible for an unauthenticated remote DCOM websocket connection to crash the Command Centre service due to an out-of-bounds buffer access. Affected versions are v8.20 prior to v8.20.1166(MR3), v8.10 prior to v8.10.1211(MR5), v8.00 prior to v8.00.1228(MR6), all versions of ...
Gallagher Command Centre
Gallagher Command Centre 8.00.1228
Gallagher Command Centre 8.10.1211
Gallagher Command Centre 8.20.1166
2.1
CVSSv2
CVE-2020-7215
An issue exists in Gallagher Command Centre 7.x prior to 7.90.991(MR5), 8.00 prior to 8.00.1161(MR5), and 8.10 prior to 8.10.1134(MR4). External system configuration data (used for third party integrations such as DVR systems) were logged in the Command Centre event trail. Any au...
Gallagher Command Centre
Gallagher Command Centre 7.90.991
Gallagher Command Centre 8.00.1161
Gallagher Command Centre 8.10.1134
NA
CVE-2023-46686
A reliance on untrusted inputs in a security decision could be exploited by a privileged user to configure the Gallagher Command Centre Diagnostics Service to use less secure communication protocols. This issue affects: Gallagher Diagnostics Service prior to v1.3.0 (distributed ...
Gallagher Command Centre
Gallagher Command Centre 9.00.1507
3.5
CVSSv2
CVE-2020-16099
In Gallagher Command Centre v8.20 prior to v8.20.1093(MR2) it is possible to create Guard Tour events that when accessed via things like reporting cause clients to temporarily hang or disconnect.
Gallagher Command Centre
Gallagher Command Centre 8.20.1093
NA
CVE-2023-22428
Improper privilege validation in Command Centre Server allows authenticated operators to modify Division lineage. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 (MR2), vEL8.70 prior to vEL8.70.2185 (MR4), vEL8.60 prior to vEL8.60.2347 (MR6), vEL8.50 prior to vE...
Gallagher Command Centre
2.1
CVSSv2
CVE-2022-26348
Command Centre Server is vulnerable to SQL Injection via Windows Registry settings for date fields on the server. The Windows Registry setting allows an attacker using the Visitor Management Kiosk, an application designed for public use, to invoke an arbitrary SQL query that has ...
Gallagher Command Centre
NA
CVE-2023-25074
Improper privilege validation in Command Centre Server allows authenticated unprivileged operators to modify and view Competencies. This issue affects Command Centre: vEL8.90 prior to vEL8.90.1318 (MR1), vEL8.80 prior to vEL8.80.1192 (MR2), vEL8.70 prior to vEL8.70.2185 (MR4), v...
Gallagher Command Centre
2.1
CVSSv2
CVE-2021-23182
Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre Server allows OSDP reader master keys to be discoverable in server memory dumps. This issue affects: Gallagher Command Centre 8.40 versions before 8.40.1888 (MR3); All versions of 8.30.
Gallagher Command Centre
4
CVSSv2
CVE-2021-23193
Improper privilege validation vulnerability in COM Interface of Gallagher Command Centre Server allows authenticated unprivileged operators to retrieve sensitive information from the Command Centre Server. This issue affects: Gallagher Command Centre 8.50 versions before 8.50.204...
Gallagher Command Centre
NA
CVE-2023-23568
Improper privilege validation in Command Centre Server allows authenticated unprivileged operators to modify and view Personal Data Fields. This issue affects Command Centre: vEL 8.90 prior to vEL8.90.1318 (MR1), vEL8.80 prior to vEL8.80.1192 (MR2), vEL8.70 prior to vEL8.70.2185...
Gallagher Command Centre
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »