Improper Authentication Flaw in Gallagher Command Centre Server by Gallagher
CVE-2020-16102

7.1HIGH

Key Information:

Vendor: Gallagher
Status: Command Centre
Vendor: CVE Published:; 14 December 2020

What is CVE-2020-16102?

An improper authentication vulnerability exists within the Gallagher Command Centre Server. This flaw permits an unauthenticated remote attacker to create items with incorrect configurations. Such actions could potentially lead to server crashes and the inability of the server to restart effectively. The affected versions include several iterations of the Gallagher Command Centre software, emphasizing the necessity for users to apply the latest patches to safeguard against exploitation.

Affected Version(s)

Command Centre <= 7.90

Command Centre 8.30 < 8.30.1299(MR2)

Command Centre 8.20 < 8.20.1218(MR4)

References

https://security.gallagher.com/Security-Advisories/CVE-20...

x_refsource_MISC

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 14, 2020
Vulnerability Reserved
Jul 28, 2020