PT-2021-15399 · Gallagher · Gallagher Command Centre Server
Published
2021-06-11
·
Updated
2022-10-25
·
CVE-2021-23182
CVSS v3.1
6.0
Medium
| Vector | AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Gallagher Command Centre Server versions prior to 8.40.1888 (MR3)
Gallagher Command Centre Server version 8.30
Description
The issue is related to the cleartext storage of sensitive information in memory, specifically allowing OSDP reader master keys to be discoverable in server memory dumps.
Recommendations
For Gallagher Command Centre Server versions prior to 8.40.1888 (MR3), update to version 8.40.1888 (MR3) or later.
For Gallagher Command Centre Server version 8.30, there is no information about a newer version that contains a fix for this issue.
Fix
Cleartext Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Gallagher Command Centre Server