CVE-2024-21815

Insufficiently protected credentials (CWE-522) for third party DVR integrations to the Command Centre Server are accessible to authenticated but unprivileged users. This issue affects: Gallagher Command Centre 9.00 prior to vEL9.00.1774 (MR2), 8.90 prior to vEL8.90.1751 (MR3), 8.80 prior to vEL8.80.1526 (MR4), 8.70 prior to vEL8.70.2526 (MR6),  all version of 8.60 and prior.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*
cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*
cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*
cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*
cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*

History

10 Feb 2025, 22:36

Type Values Removed Values Added
CPE cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*
References () https://security.gallagher.com/Security-Advisories/CVE-2024-21815 - () https://security.gallagher.com/Security-Advisories/CVE-2024-21815 - Vendor Advisory
First Time Gallagher
Gallagher command Centre

21 Nov 2024, 08:55

Type Values Removed Values Added
References () https://security.gallagher.com/Security-Advisories/CVE-2024-21815 - () https://security.gallagher.com/Security-Advisories/CVE-2024-21815 -

05 Mar 2024, 13:41

Type Values Removed Values Added
Summary
  • (es) Las credenciales insuficientemente protegidas (CWE-522) para integraciones de DVR de terceros al Command Center Server son accesibles para usuarios autenticados pero sin privilegios. Este problema afecta a: Gallagher Command Center 9.00 anterior a vEL9.00.1774 (MR2), 8.90 anterior a vEL8.90.1751 (MR3), 8.80 anterior a vEL8.80.1526 (MR4), 8.70 anterior a vEL8.70.2526 (MR6), todas las versiones de 8.60 y anteriores.

05 Mar 2024, 03:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-03-05 03:15

Updated : 2025-02-10 22:36


NVD link : CVE-2024-21815

Mitre link : CVE-2024-21815

CVE.ORG link : CVE-2024-21815


JSON object : View

Products Affected

gallagher

  • command_centre
CWE
CWE-522

Insufficiently Protected Credentials