Vulnerability Details CVE-2021-23136
Improper Authorization vulnerability in Gallagher Command Centre Server allows macro overrides to be performed by an unprivileged Command Centre Operator. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions prior to 8.30.1359 (MR3); 8.20 versions prior to 8.20.1259 (MR5); version 8.10 and prior versions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.2%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
Products affected by CVE-2021-23136
-
cpe:2.3:a:gallagher:command_centre:*
-
cpe:2.3:a:gallagher:command_centre:-
-
cpe:2.3:a:gallagher:command_centre:7.70
-
cpe:2.3:a:gallagher:command_centre:7.80
-
cpe:2.3:a:gallagher:command_centre:7.80.939
-
cpe:2.3:a:gallagher:command_centre:7.80.960
-
cpe:2.3:a:gallagher:command_centre:7.90
-
cpe:2.3:a:gallagher:command_centre:7.90.0
-
cpe:2.3:a:gallagher:command_centre:7.90.1038
-
cpe:2.3:a:gallagher:command_centre:7.90.961
-
cpe:2.3:a:gallagher:command_centre:7.90.991
-
cpe:2.3:a:gallagher:command_centre:8.0
-
cpe:2.3:a:gallagher:command_centre:8.00
-
cpe:2.3:a:gallagher:command_centre:8.00.1128
-
cpe:2.3:a:gallagher:command_centre:8.00.1161
-
cpe:2.3:a:gallagher:command_centre:8.00.1228
-
cpe:2.3:a:gallagher:command_centre:8.00.1252
-
cpe:2.3:a:gallagher:command_centre:8.10
-
cpe:2.3:a:gallagher:command_centre:8.20
-
cpe:2.3:a:gallagher:command_centre:8.20.1093
-
cpe:2.3:a:gallagher:command_centre:8.20.1166
-
cpe:2.3:a:gallagher:command_centre:8.20.1218
-
cpe:2.3:a:gallagher:command_centre:8.30
-
cpe:2.3:a:gallagher:command_centre:8.30.1236
-
cpe:2.3:a:gallagher:command_centre:8.30.1299