Security Advisories - Frequently Asked Questions

 

Q: What versions of Gallagher Command Centre are supported?

A: We support our latest version of Command Centre and the three previous versions.


Q: What if I’m on an earlier version of Command Centre, that is no longer supported?

A: Gallagher recommend all customers have Software Maintenance in place to stay up-to-date and remain on a supported version of software.


Q: What is a 'maintenance release'?

A: A maintenance release is a new version of Command Centre that addresses any functional bugs or security vulnerabilities identified. Maintenance releases only contain bug fixes and may only require a server upgrade.


Q: Is a maintenance release just a patch?

A: No, a maintenance release is a new Command Centre upgrade, not just a patch however they may only require a server upgrade.


Q: How much do these maintenance releases cost?

A: All maintenance releases are free if you are on a supported version of Command Centre.

Q: What will happen if I don’t use the maintenance release?

A: Your system will potentially be vulnerable to cyber attack. Some security advisories may contain other mitigations you can apply while arranging for the upgrade to reduce your risk.

Q: What happens if I have a customization?

A: Existing customizations should continue to work and should not be impacted.

Q: How are maintenance releases accessed?

A: Please contact your Gallagher Representative to access and install maintenance releases.

Q: What is a CVE?

A: CVE stands for Common Vulnerabilities and Exposures and is a list of common identifiers for publicly known cyber security vulnerabilities from around the world. CVE is now the industry standard for vulnerability and exposure identifiers. Having a single unique identifier ensures parties can confidently discuss and share information about a unique vulnerability, it provides a baseline tool for evaluation and it enables automated data exchange.