CVE-2021-23197

Summary

Unquoted service path vulnerability in the Gallagher Controller Service allows an unprivileged user to execute arbitrary code as the account that runs the Controller Service. This issue affects: Gallagher Command Centre 8.50 versions prior to 8.50.2048 (MR3) ;

Affected Software

VendorProductVersion RangeStatus
GallagherCommand Centre8.50 < 8.50.2048 (MR3)affected

Weaknesses

  • CWE-428: CWE-428 Unquoted Search Path or Element

ADP Enrichment

CVE Program Container

Additional References

References