PT-2020-10242 · Gallagher · Gallagher Command Centre Server

Published

2020-01-17

Updated

2020-08-24

CVE-2019-19801

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Gallagher Command Centre Server versions prior to 8.10.1134(MR4) Gallagher Command Centre Server versions prior to 8.00.1161(MR5) Gallagher Command Centre Server versions prior to 7.90.991(MR5) Gallagher Command Centre Server versions prior to 7.80.960(MR2) Gallagher Command Centre Server version 7.70 or earlier

Description An issue exists where an unprivileged but authenticated user can perform a backup of the Command Centre databases.

Recommendations For versions prior to 8.10.1134(MR4), update to version 8.10.1134(MR4) or later. For versions prior to 8.00.1161(MR5), update to version 8.00.1161(MR5) or later. For versions prior to 7.90.991(MR5), update to version 7.90.991(MR5) or later. For versions prior to 7.80.960(MR2), update to version 7.80.960(MR2) or later. For version 7.70 or earlier, update to a version later than 7.70.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2019-19801

Affected Products

Gallagher Command Centre Server

PT-2020-10242 · Gallagher · Gallagher Command Centre Server

CVE-2019-19801

Related Identifiers

Affected Products

References · 3