Unquoted service path vulnerability in the Gallagher Controller Service allows an unprivileged user to execute arbitrary code as the account that runs the Controller Service. This issue affects: Gallagher Command Centre 8.50 versions prior to 8.50.2048 (MR3) ;
References
Link | Resource |
---|---|
https://security.gallagher.com/Security-Advisories/CVE-2021-23197 | Vendor Advisory |
Configurations
History
23 Nov 2021, 17:10
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:* | |
CWE | CWE-428 | |
CVSS |
v2 : v3 : |
v2 : 4.6
v3 : 7.8 |
References | (MISC) https://security.gallagher.com/Security-Advisories/CVE-2021-23197 - Vendor Advisory |
18 Nov 2021, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-11-18 19:15
Updated : 2024-02-04 22:08
NVD link : CVE-2021-23197
Mitre link : CVE-2021-23197
CVE.ORG link : CVE-2021-23197
JSON object : View
Products Affected
gallagher
- command_centre
CWE
CWE-428
Unquoted Search Path or Element