An issue was discovered in Gallagher Command Centre 8.10 before 8.10.1092(MR2). Upon an upgrade, if a custom service account is in use and the visitor management service is installed, the Windows username and password for this service are logged in cleartext to the Command_centre.log file.
oryginał ENCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HGallagher Command Centre
APPGallagher8.10 – 8.10.1092 (bez)
Powiązane podatności
Gallagher Command Centre: niechronione dane uwierzytelniające integracji DVR
A SQL Injection vulnerability in the OPCUA interface of Gallagher Command Centre allows a remote unprivileged ...
Improper Authorization vulnerability in Gallagher Command Centre Server allows command line macros to be modif...
It is possible to enumerate access card credentials via an unauthenticated network connection to the server in...
In Gallagher Command Centre versions 8.10 prior to 8.10.1134(MR4), 8.00 prior to 8.00.1161(MR5), 7.90 prior to...