A SQL Injection vulnerability in the OPCUA interface of Gallagher Command Centre allows a remote unprivileged Command Centre Operator to modify Command Centre databases undetected. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions prior to 8.30.1359 (MR3); 8.20 versions prior to 8.20.1259 (MR5); 8.10 versions prior to 8.10.1284 (MR7); version 8.00 and prior versions.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HGallagher Command Centre
APPGallagher8.10.12848.20.12598.30.13598.40.1888≤ 8.008.40 – 8.40.1888 (bez)8.10 – 8.10.1284 (bez)8.20 – 8.20.1259 (bez)8.30 – 8.30.1359 (bez)
Powiązane podatności
Gallagher Command Centre: niechronione dane uwierzytelniające integracji DVR
Improper Authorization vulnerability in Gallagher Command Centre Server allows command line macros to be modif...
It is possible to enumerate access card credentials via an unauthenticated network connection to the server in...
In Gallagher Command Centre versions 8.10 prior to 8.10.1134(MR4), 8.00 prior to 8.00.1161(MR5), 7.90 prior to...
An issue was discovered in Gallagher Command Centre 8.10 before 8.10.1092(MR2). Upon an upgrade, if a custom s...