CVE-2024-21815
CVSS 3.1 Score 9.1 of 10 (high)
Details
Published Mar 5, 2024
CWE ID 522
Summary
CVE-2024-21815 is a vulnerability affecting the Gallagher Command Centre Server, where credentials for third-party DVR integrations are insufficiently protected (CWE-522). Authenticated but unprivileged users can access these credentials, posing a security risk. This issue affects various versions of the Gallagher Command Centre, including 9.00 prior to vEL9.00.1774 (MR2), 8.90 prior to vEL8.90.1751 (MR3), 8.80 prior to vEL8.80.1526 (MR4), 8.70 prior to vEL8.70.2526 (MR6), and all versions of 8.60 and prior.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share