CVE-2019-19801

In Gallagher Command Centre Server versions of v8.10 prior to v8.10.1134(MR4), v8.00 prior to v8.00.1161(MR5), v7.90 prior to v7.90.991(MR5), v7.80 prior to v7.80.960(MR2) and v7.70 or earlier, an unprivileged but authenticated user is able to perform a backup of the Command Centre databases.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
VendorProductVersion
gallaghercommand_centre
𝑥
< 7.70
gallaghercommand_centre
7.80 ≤
𝑥
< 7.80.960
gallaghercommand_centre
7.90 ≤
𝑥
< 7.90.991
gallaghercommand_centre
8.00 ≤
𝑥
< 8.00.1161
gallaghercommand_centre
8.10 ≤
𝑥
< 8.10.1134
gallaghercommand_centre
7.80.960
gallaghercommand_centre
7.90.991
gallaghercommand_centre
8.00.1161
gallaghercommand_centre
8.10.1134
𝑥
= Vulnerable software versions
References
https://security.gallagher.com/cve-2019-19801
https://security.gallagher.com/cve-2019-19801