Gallagher Command_centre

37 CVEs affecting Gallagher Command_centre. Latest disclosed: 2024-03-05. Critical: 6, High: 14.

Top CVEs affecting Gallagher Command_centre
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2021-23230 | Critical | 9.9 | 2021-06-11 | A SQL Injection vulnerability in the OPCUA interface of Gallagher Command Centre allows a remote unprivileged Command Centre Operator to modify Command Centre… |
| CVE-2021-23140 | Critical | 9.9 | 2021-06-11 | Improper Authorization vulnerability in Gallagher Command Centre Server allows command line macros to be modified by an unauthorised Command Centre Operator. T… |
| CVE-2020-16096 | Critical | 9.9 | 2020-09-15 | In Gallagher Command Centre versions 8.10 prior to 8.10.1134(MR4), 8.00 prior to 8.00.1161(MR5), 7.90 prior to 7.90.991(MR5), 7.80 prior to 7.80.960(MR2), 7.70… |
| CVE-2020-16098 | Critical | 9.8 | 2020-09-15 | It is possible to enumerate access card credentials via an unauthenticated network connection to the server in versions of Command Centre v8.20 prior to v8.20… |
| CVE-2019-15294 | Critical | 9.8 | 2019-08-28 | An issue was discovered in Gallagher Command Centre 8.10 before 8.10.1092(MR2). Upon an upgrade, if a custom service account is in use and the visitor manageme… |
| CVE-2024-21815 | Critical | 9.1 | 2024-03-05 | Insufficiently protected credentials (CWE-522) for third party DVR integrations to the Command Centre Server are accessible to authenticated but unprivileged… |
| CVE-2020-16103 | High | 8.8 | 2020-12-14 | Type confusion in Gallagher Command Centre Server allows a remote attacker to crash the server or possibly cause remote code execution. This issue affects: Gal… |
| CVE-2022-26348 | High | 8.2 | 2022-07-06 | Command Centre Server is vulnerable to SQL Injection via Windows Registry settings for date fields on the server. The Windows Registry setting allows an attack… |
| CVE-2020-16104 | High | 8.2 | 2020-12-14 | SQL Injection vulnerability in Enterprise Data Interface of Gallagher Command Centre allows a remote attacker with 'Edit Enterprise Data Interfaces' privilege… |
| CVE-2021-23193 | High | 8.1 | 2021-11-18 | Improper privilege validation vulnerability in COM Interface of Gallagher Command Centre Server allows authenticated unprivileged operators to retrieve sensiti… |
| CVE-2021-23167 | High | 8.1 | 2021-11-18 | Improper certificate validation vulnerability in SMTP Client allows man-in-the-middle attack to retrieve sensitive information from the Command Centre Server… |
| CVE-2021-23205 | High | 8.1 | 2021-06-11 | Improper Encoding or Escaping in Gallagher Command Centre Server allows a Command Centre Operator to alter the configuration of Controllers and other hardware… |
| CVE-2021-23204 | High | 8.1 | 2021-06-11 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gallagher Command Centre Server allows OSDP key material to be exposed to Command C… |
| CVE-2023-22428 | High | 7.6 | 2023-07-24 | Improper privilege validation in Command Centre Server allows authenticated operators to modify Division lineage. This issue affects Command Centre: vEL8.80… |
| CVE-2020-16101 | High | 7.5 | 2020-09-15 | It is possible for an unauthenticated remote DCOM websocket connection to crash the Command Centre service due to an out-of-bounds buffer access. Affected vers… |
| CVE-2020-16100 | High | 7.5 | 2020-09-15 | It is possible for an unauthenticated remote DCOM websocket connection to crash the Command Centre service's DCOM websocket thread due to improper shutdown of… |
| CVE-2020-16097 | High | 7.3 | 2020-09-15 | On controllers running versions of v8.20 prior to vCR8.20.200221b (distributed in v8.20.1093(MR2)), v8.10 prior to vGR8.10.179 (distributed in v8.10.1211(MR5))… |
| CVE-2023-25074 | High | 7.1 | 2023-07-25 | Improper privilege validation in Command Centre Server allows authenticated unprivileged operators to modify and view Competencies. This issue affects C… |
| CVE-2021-23146 | High | 7.1 | 2021-11-18 | An Incomplete Comparison with Missing Factors vulnerability in the Gallagher Controller allows an attacker to bypass PIV verification. This issue affects: Gall… |
| CVE-2020-16102 | High | 7.1 | 2020-12-14 | Improper Authentication vulnerability in Gallagher Command Centre Server allows an unauthenticated remote attacker to create items with invalid configuration… |