Severity: Medium (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)
Components affected: Gallagher Command Centre Client
Version of Command Centre affected: Versions of v8.20 prior to v8.20.1093(MR2)
Reported by: Gallagher
Active exploitation of vulnerability*: No
Description of vulnerability: In Gallagher Command Centre v8.20 prior to v8.20.1093(MR2) it is possible to create Guard Tour events that when accessed via things like reporting cause clients to temporarily hang or disconnect.
Mitigation: This can only be triggered if you have Guard Tours in the system.
Maintenance releases are now available for:
v8.20 - v8.20.1093(MR2)
- These maintenance upgrades require the Command Centre server to be upgraded.
*This indicates whether Gallagher are aware of this being maliciously exploited against customer sites.