Access Control Flaw in Gallagher Command Centre Products
CVE-2023-23576

4.3MEDIUM

Key Information:

Vendor: Gallagher
Status: Command Centre Server
Vendor: CVE Published:; 18 December 2023

What is CVE-2023-23576?

The vulnerability in Gallagher Command Centre arises from improper behavior management during access decisions around network outages. This flaw could enable privileged users to retain physical access to secured areas for an extended duration, posing a significant risk. Affected users should update to the latest software versions to mitigate this issue and enhance security protocols.

Affected Version(s)

Command Centre Server 0 <= 8.50

Command Centre Server 8.90 < 8.90.1620 (MR2)

Command Centre Server 8.80 < 8.80.1369 (MR3)

References

https://security.gallagher.com/Security-Advisories/CVE-20...

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 18, 2023
Vulnerability Reserved
Feb 3, 2023