Vulnerabilities in Gallagher
67 results

CVE-2020-16103 | HIGH | EPSS 2.2%
Type confusion in Gallagher Command Centre Server allows a remote attacker to crash the server or possibly cause remote code execution. This

CVE-2020-16098 | CRITICAL | EPSS 1.1%
It is possible to enumerate access card credentials via an unauthenticated network connection to the server in versions of Command Centre v8

CVE-2020-16100 | HIGH | EPSS 1.0%
It is possible for an unauthenticated remote DCOM websocket connection to crash the Command Centre service's DCOM websocket thread due to im

CVE-2020-16101 | HIGH | EPSS 1.0%
It is possible for an unauthenticated remote DCOM websocket connection to crash the Command Centre service due to an out-of-bounds buffer ac

CVE-2020-16102 | HIGH | EPSS 1.0%
Improper Authentication vulnerability in Gallagher Command Centre Server allows an unauthenticated remote attacker to create items with inva

CVE-2020-16104 | HIGH | EPSS 0.9%
SQL Injection vulnerability in Enterprise Data Interface of Gallagher Command Centre allows a remote attacker with 'Edit Enterprise Data Int

CVE-2021-23205 | HIGH | EPSS 0.9%
Improper Encoding or Escaping in Gallagher Command Centre Server allows a Command Centre Operator to alter the configuration of Controllers

CVE-2021-23140 | CRITICAL | EPSS 0.9%
Improper Authorization vulnerability in Gallagher Command Centre Server allows command line macros to be modified by an unauthorised Command

CVE-2021-23146 | HIGH | EPSS 0.9%
An Incomplete Comparison with Missing Factors vulnerability in the Gallagher Controller allows an attacker to bypass PIV verification. This

CVE-2020-16099 | MEDIUM | EPSS 0.8%
In Gallagher Command Centre v8.20 prior to v8.20.1093(MR2) it is possible to create Guard Tour events that when accessed via things like rep

CVE-2020-16096 | CRITICAL | EPSS 0.8%
In Gallagher Command Centre versions 8.10 prior to 8.10.1134(MR4), 8.00 prior to 8.00.1161(MR5), 7.90 prior to 7.90.991(MR5), 7.80 prior to

CVE-2022-26078 | HIGH | EPSS 0.8%
Gallagher Controller 6000 is vulnerable to a Denial of Service attack via conflicting ARP packets with a duplicate IP address. This issue af

CVE-2021-23204 | HIGH | EPSS 0.7%
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gallagher Command Centre Server allows OSDP key material to be e

CVE-2021-23193 | HIGH | EPSS 0.7%
Improper privilege validation vulnerability in COM Interface of Gallagher Command Centre Server allows authenticated unprivileged operators

CVE-2023-23570 | MEDIUM | EPSS 0.7%
Client-Side enforcement of Server-Side security for the Command Centre server could be bypassed and lead to invalid configuration with unde

CVE-2021-23230 | CRITICAL | EPSS 0.7%
A SQL Injection vulnerability in the OPCUA interface of Gallagher Command Centre allows a remote unprivileged Command Centre Operator to mod

CVE-2023-24590 | HIGH | EPSS 0.6%
A format string issue in the Controller 6000's optional diagnostic web interface can be used to write/read from memory, and in some insta

CVE-2024-43690 | HIGH | EPSS 0.6%
Inclusion of Functionality from Untrusted Control Sphere(CWE-829) in the Command Centre Server and Workstations may allow an attacker to per

CVE-2021-23136 | MEDIUM | EPSS 0.6%
Improper Authorization vulnerability in Gallagher Command Centre Server allows macro overrides to be performed by an unprivileged Command Ce

CVE-2023-46686 | MEDIUM | EPSS 0.5%
A reliance on untrusted inputs in a security decision could be exploited by a privileged user to configure the Gallagher Command Centre Dia