Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallagher command centre vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2021-23182
Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre Server allows OSDP reader master keys to be discoverable in server memory dumps. This issue affects: Gallagher Command Centre 8.40 versions before 8.40.1888 (MR3); All versions of 8.30.
Gallagher Command Centre
8.5
CVSSv2
CVE-2021-23205
Improper Encoding or Escaping in Gallagher Command Centre Server allows a Command Centre Operator to alter the configuration of Controllers and other hardware items beyond their privilege. This issue affects: Gallagher Command Centre 8.40 versions before 8.40.1888 (MR3); 8.30 ver...
Gallagher Command Centre
2.1
CVSSv2
CVE-2021-23211
Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre Server allows Cloud end-to-end encryption key to be discoverable in server memory dumps. This issue affects: Gallagher Command Centre 8.40 versions before 8.40.1888 (MR3).
Gallagher Command Centre
4
CVSSv2
CVE-2021-23204
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gallagher Command Centre Server allows OSDP key material to be exposed to Command Centre Operators. This issue affects: Gallagher Command Centre 8.40 versions before 8.40.1888 (MR3); 8.30 versions before ...
Gallagher Command Centre
6.4
CVSSv2
CVE-2020-16102
Improper Authentication vulnerability in Gallagher Command Centre Server allows an unauthenticated remote malicious user to create items with invalid configuration, potentially causing the server to crash and fail to restart. This issue affects: Gallagher Command Centre 8.30 vers...
Gallagher Command Centre
Gallagher Command Centre 8.00.1252
Gallagher Command Centre 8.10.1253
Gallagher Command Centre 8.20.1218
Gallagher Command Centre 8.30.1299
6.5
CVSSv2
CVE-2020-16103
Type confusion in Gallagher Command Centre Server allows a remote malicious user to crash the server or possibly cause remote code execution. This issue affects: Gallagher Command Centre 8.30 versions before 8.30.1236(MR1); 8.20 versions before 8.20.1166(MR3); 8.10 versions befor...
Gallagher Command Centre
Gallagher Command Centre 8.10.1211
Gallagher Command Centre 8.20.1166
Gallagher Command Centre 8.30.1236
6.5
CVSSv2
CVE-2020-16104
SQL Injection vulnerability in Enterprise Data Interface of Gallagher Command Centre allows a remote attacker with 'Edit Enterprise Data Interfaces' privilege to execute arbitrary SQL against a third party database if EDI is configured to import data from this database....
Gallagher Command Centre
Gallagher Command Centre 8.00.1228
Gallagher Command Centre 8.10.1211
Gallagher Command Centre 8.20.1166
Gallagher Command Centre 8.30.1236
4
CVSSv2
CVE-2020-16096
In Gallagher Command Centre versions 8.10 before 8.10.1134(MR4), 8.00 before 8.00.1161(MR5), 7.90 before 7.90.991(MR5), 7.80 before 7.80.960(MR2), 7.70 and previous versions, any operator account has access to all data that would be replicated if the system were to be (or is) att...
Gallagher Command Centre
Gallagher Command Centre 7.80.960
Gallagher Command Centre 7.90.991
Gallagher Command Centre 8.00.1161
Gallagher Command Centre 8.10.1134
3.5
CVSSv2
CVE-2020-16099
In Gallagher Command Centre v8.20 prior to v8.20.1093(MR2) it is possible to create Guard Tour events that when accessed via things like reporting cause clients to temporarily hang or disconnect.
Gallagher Command Centre
Gallagher Command Centre 8.20.1093
5
CVSSv2
CVE-2020-16100
It is possible for an unauthenticated remote DCOM websocket connection to crash the Command Centre service's DCOM websocket thread due to improper shutdown of closed websocket connections, preventing it from accepting future DCOM websocket (Configuration Client) connections....
Gallagher Command Centre
Gallagher Command Centre 8.00.1228
Gallagher Command Centre 8.10.1211
Gallagher Command Centre 8.20.1166
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »