CVE-2020-16099
Severity: Medium (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)
Components affected: Gallagher Command Centre Client
Version of Command Centre affected: Versions of v8.20 prior to v8.20.1093(MR2)
Reported by: Gallagher
Active exploitation of vulnerability*: No
Description of vulnerability: In Gallagher Command Centre v8.20 prior to v8.20.1093(MR2) it is possible to create Guard Tour events that when accessed via things like reporting cause clients to temporarily hang or disconnect.
Mitigation: This can only be triggered if you have Guard Tours in the system.
Maintenance releases are now available for:
-
v8.20 - v8.20.1093(MR2)
Important notes:
- These maintenance upgrades require the Command Centre server to be upgraded.
*This indicates whether Gallagher are aware of this being maliciously exploited against customer sites.
Stay up to date with Gallagher
Get the latest Gallagher news, updates, and event information delivered straight to your inbox.