An Incomplete Comparison with Missing Factors vulnerability in the Gallagher Controller allows an attacker to bypass PIV verification. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions prior to 8.30.1359 (MR3); 8.20 versions prior to 8.20.1259 (MR5); 8.10 versions prior to 8.10.1284 (MR7); version 8.00 and prior versions.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:LGallagher Command Centre
APPGallagher≤ 8.008.10 – 8.10.1284 (bez)8.20 – 8.20.1259 (bez)8.30 – 8.30.1359 (bez)8.40 – 8.40.1888 (bez)
Related vulnerabilities
Gallagher Command Centre: niechronione dane uwierzytelniające integracji DVR
A SQL Injection vulnerability in the OPCUA interface of Gallagher Command Centre allows a remote unprivileged ...
Improper Authorization vulnerability in Gallagher Command Centre Server allows command line macros to be modif...
It is possible to enumerate access card credentials via an unauthenticated network connection to the server in...
In Gallagher Command Centre versions 8.10 prior to 8.10.1134(MR4), 8.00 prior to 8.00.1161(MR5), 7.90 prior to...