Unprivileged Authenticated User Backup Vulnerability in Gallagher Command Centre Server

Unprivileged Authenticated User Backup Vulnerability in Gallagher Command Centre Server

CVE-2019-19801 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

In Gallagher Command Centre Server versions of v8.10 prior to v8.10.1134(MR4), v8.00 prior to v8.00.1161(MR5), v7.90 prior to v7.90.991(MR5), v7.80 prior to v7.80.960(MR2) and v7.70 or earlier, an unprivileged but authenticated user is able to perform a backup of the Command Centre databases.

Learn more about our Cis Benchmark Audit For Server Software.