Filtered by vendor Gallagher
Subscribe
Total
44 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-19802 | 1 Gallagher | 1 Command Centre | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| In Gallagher Command Centre Server v8.10 prior to v8.10.1134(MR4), v8.00 prior to v8.00.1161(MR5), v7.90 prior to v7.90.991(MR5), v7.80 prior to v7.80.960(MR2) and v7.70 or earlier, an authenticated user connecting to OPCUA can view all data that would be replicated in a multi-server setup without privilege checks being applied. | |||||
| CVE-2019-19801 | 1 Gallagher | 1 Command Centre | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| In Gallagher Command Centre Server versions of v8.10 prior to v8.10.1134(MR4), v8.00 prior to v8.00.1161(MR5), v7.90 prior to v7.90.991(MR5), v7.80 prior to v7.80.960(MR2) and v7.70 or earlier, an unprivileged but authenticated user is able to perform a backup of the Command Centre databases. | |||||
| CVE-2019-15294 | 1 Gallagher | 1 Command Centre | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| An issue was discovered in Gallagher Command Centre 8.10 before 8.10.1092(MR2). Upon an upgrade, if a custom service account is in use and the visitor management service is installed, the Windows username and password for this service are logged in cleartext to the Command_centre.log file. | |||||
| CVE-2019-12492 | 1 Gallagher | 1 Command Centre | 2024-11-21 | 5.8 MEDIUM | 6.5 MEDIUM |
| Gallagher Command Centre before 7.80.939, 7.90.x before 7.90.961, and 8.x before 8.00.1128 allows arbitrary event creation and information disclosure via the FT Command Centre Service and FT Controller Service services. | |||||