What is CVE-2020-16096?

CVE-2020-16096 is a critical-severity vulnerability in Gallagher Command Centre, classified under Improper Authorization. CVSS score: 9.9/10. Published 2020-09-15.

How severe is CVE-2020-16096?

Critical severity. CVSS v3 base score is 9.9 out of 10.

Auth bypass in Gallagher Command Centre

CVE-2020-16096

In Gallagher Command Centre versions 8.10 prior to 8.10.1134(MR4), 8.00 prior to 8.00.1161(MR5), 7.90 prior to 7.90.991(MR5), 7.80 prior to 7.80.960(MR2), 7.70 and earlier, any operator account has access to all data that would be replicat…

EPSS: 0.002 (44.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.9 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H.

Affected products

Gallagher Command Centre — versions unspecified, 8.10, 8.00

Weakness classification (CWE)

CWE-285 — Improper Authorization

References

security.gallagher.com/Security-Advisories/CVE-2020-16096 (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-16096?: CVE-2020-16096 is a critical-severity vulnerability in Gallagher Command Centre, classified under Improper Authorization. CVSS score: 9.9/10. Published 2020-09-15.
How severe is CVE-2020-16096?: Critical severity. CVSS v3 base score is 9.9 out of 10.