Severity: High (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H)
Components affected: Gallagher Command Centre Server
Version of Command Centre affected: v8.30 prior to v8.30.1299(MR2), v8.20 prior to v8.20.1218(MR4), v8.10 prior to v8.10.1253(MR6), v8.00 prior to v8.00.1252(MR7), v7.90 and earlier.
Reported by: Gallagher
Active exploitation of vulnerability*: No
Description of vulnerability: Improper Authentication vulnerability in Gallagher Command Centre Server allows an unauthenticated remote attacker to create items with invalid configuration, potentially causing the server to crash and fail to restart. This issue affects: Gallagher Command Centre 8.30 versions prior to v8.30.1299(MR2); 8.20 versions prior to v8.20.1218(MR4); 8.10 versions prior to v8.10.1253(MR6); 8.00 versions prior to v8.00.1252(MR7); version 7.90 and prior versions.
Mitigation: Configure the firewall on the Command Centre server machine to restrict access to the DCOM websocket port (8905), as recommended in the Hardening Guide.
Maintenance releases are now available for:
- v8.30 - v8.30.1299(MR2)
- v8.20 - v8.20.1218(MR4)
- v8.10 - v8.10.1253(MR6)
- v8.00 - v8.00.1252(MR7)
- These maintenance upgrades require the Command Centre server to be upgraded.
*This indicates whether Gallagher are aware of this being actively exploited against customer sites.