What is CVE-2020-16100?

CVE-2020-16100 is a high-severity vulnerability in Gallagher Command Centre, classified under Improper Resource Shutdown or Release. CVSS score: 7.5/10. Published 2020-09-15.

How severe is CVE-2020-16100?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Gallagher Command Centre

CVE-2020-16100

It is possible for an unauthenticated remote DCOM websocket connection to crash the Command Centre service's DCOM websocket thread due to improper shutdown of closed websocket connections, preventing it from accepting future DCOM websocket…

EPSS: 0.004 (63.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Gallagher Command Centre — versions unspecified, 8.20, 8.10

Weakness classification (CWE)

CWE-404 — Improper Resource Shutdown or Release

References

security.gallagher.com/Security-Advisories/CVE-2020-16100 (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-16100?: CVE-2020-16100 is a high-severity vulnerability in Gallagher Command Centre, classified under Improper Resource Shutdown or Release. CVSS score: 7.5/10. Published 2020-09-15.
How severe is CVE-2020-16100?: High severity. CVSS v3 base score is 7.5 out of 10.