Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
gallagher

Command Centre

24 Versions 26 CVEs

Versions

7.70

MAJOR_MINOR 1 CVE

8.90

MAJOR_MINOR 1 CVE

vEL8.40

OTHER 3 CVEs

8.90.1620 (MR2)

OTHER 1 CVE

8.60

MAJOR_MINOR 1 CVE

8.00

MAJOR_MINOR 9 CVEs

unspecified

OTHER 15 CVEs

8.40

MAJOR_MINOR 10 CVEs

vEL8.50

OTHER 3 CVEs

8.20

MAJOR_MINOR 14 CVEs

7.80

MAJOR_MINOR 1 CVE

9.10

MAJOR_MINOR 1 CVE

8.50

MAJOR_MINOR 4 CVEs

8.30

MAJOR_MINOR 12 CVEs

vCR8.20

OTHER 1 CVE

vEL8.80

OTHER 4 CVEs

vGR7.80

OTHER 1 CVE

vEL8.90

OTHER 2 CVEs

vEL8.60

OTHER 3 CVEs

0

SINGLE_NUMBER 1 CVE

8.10

MAJOR_MINOR 13 CVEs

7.90

MAJOR_MINOR 7 CVEs

8.80

MAJOR_MINOR 1 CVE

vEL8.70

OTHER 3 CVEs

Recent CVEs

CVE-2024-23194

Improper output Neutralization for Logs (CWE-117) in the Command Centre API Diagnostics Endpoint could allow an attacker limited ability to modify Command Centre log files. This issue affects: Gallagher Command Centre v9.10 prior to vEL9.10.1268 (MR1).

LOW Jul 11, 2024

CVE-2023-23570

Client-Side enforcement of Server-Side security for the Command Centre server could be bypassed and lead to invalid configuration with undefined behavior. This issue affects: Gallagher Command Centre 8.90 prior to vEL8.90.1620 (MR2), all versions of 8.80 and prior.

MEDIUM Dec 18, 2023

CVE-2023-23568

Improper privilege validation in Command Centre Server allows authenticated unprivileged operators to modify and view Personal Data Fields. This issue affects Command Centre: vEL 8.90 prior to vEL8.90.1318 (MR1), vEL8.80 prior to vEL8.80.1192 (MR2), vEL8.70 prior to vEL8.70.2185 (MR4), vEL8.60 prior to vEL8.60.2347 (MR6), vEL8.50 prior to vEL8.50.2831 (MR8), all versions vEL8.40 and prior

MEDIUM Jul 25, 2023

CVE-2023-22363

A stack-based buffer overflow in the Command Centre Server allows an attacker to cause a denial of service attack via assigning cardholders to an Access Group. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 (MR2)

MEDIUM Jul 24, 2023

CVE-2023-25074

Improper privilege validation in Command Centre Server allows authenticated unprivileged operators to modify and view Competencies. This issue affects Command Centre: vEL8.90 prior to vEL8.90.1318 (MR1), vEL8.80 prior to vEL8.80.1192 (MR2), vEL8.70 prior to vEL8.70.2185 (MR4), vEL8.60 prior to vEL8.60.2347 (MR6), vEL8.50 prior to vEL8.50.2831 (MR8), all versions vEL8.40 and prior.

HIGH Jul 24, 2023

CVE-2023-22428

Improper privilege validation in Command Centre Server allows authenticated operators to modify Division lineage. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 (MR2), vEL8.70 prior to vEL8.70.2185 (MR4), vEL8.60 prior to vEL8.60.2347 (MR6), vEL8.50 prior to vEL8.50.2831(MR8), vEL8.40 and prior.

HIGH Jul 24, 2023