CVE-2021-23146
7.1
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L
Summary
An Incomplete Comparison with Missing Factors vulnerability in the Gallagher Controller allows an attacker to bypass PIV verification. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions prior to 8.30.1359 (MR3); 8.20 versions prior to 8.20.1259 (MR5); 8.10 versions prior to 8.10.1284 (MR7); version 8.00 and prior versions.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Gallagher | Command Center | 8.40 prior to 8.40.1888 (MR3) | affected |
| Gallagher | Command Center | 8.30 prior to 8.30.1359 (MR3) | affected |
| Gallagher | Command Center | 8.20 prior to 8.20.1259 (MR5) | affected |
| Gallagher | Command Center | 8.10 prior to 8.10.1284 (MR7) | affected |
| Gallagher | Command Center | 8.00 and prior | affected |
Weaknesses
- CWE-1023: CWE-1023
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.