← Zuruck zu CVEs
CVE-2020-16096
CRITICAL9.9
Beschreibung
In Gallagher Command Centre versions 8.10 prior to 8.10.1134(MR4), 8.00 prior to 8.00.1161(MR5), 7.90 prior to 7.90.991(MR5), 7.80 prior to 7.80.960(MR2), 7.70 and earlier, any operator account has access to all data that would be replicated if the system were to be (or is) attached to a multi-server environment. This can include plain text credentials for DVR systems and card details used for physical access/alarm/perimeter components.
CVE Details
CVSS v3.1 Bewertung9.9
SchweregradCRITICAL
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht9/15/2020
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
gallagher:command_centre
Schwachen (CWE)
CWE-285
Referenzen
https://security.gallagher.com/Security-Advisories/CVE-2020-16096(disclosures@gallagher.com)
https://security.gallagher.com/Security-Advisories/CVE-2020-16096(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.