Cleartext Storage Vulnerability in Gallagher Command Centre Server
CVE-2021-23211

6MEDIUM

Key Information:

Vendor: Gallagher
Status: Command Centre
Vendor: CVE Published:; 11 June 2021

What is CVE-2021-23211?

A vulnerability in Gallagher Command Centre Server allows sensitive information, specifically the end-to-end encryption key, to be exposed in server memory dumps. This issue affects versions prior to 8.40.1888, posing risks to data integrity and confidentiality.

Affected Version(s)

Command Centre 8.40 < 8.40.1888 (MR3)

References

https://security.gallagher.com/Security-Advisories/CVE-20...

x_refsource_MISC

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 11, 2021
Vulnerability Reserved
Jan 26, 2021