CVE-2019-19801

EUVD-2019-9399
In Gallagher Command Centre Server versions of v8.10 prior to v8.10.1134(MR4), v8.00 prior to v8.00.1161(MR5), v7.90 prior to v7.90.991(MR5), v7.80 prior to v7.80.960(MR2) and v7.70 or earlier, an unprivileged but authenticated user is able to perform a backup of the Command Centre databases.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
Affected Products (NVD)
VendorProductVersion
gallaghercommand_centre
𝑥
< 7.70
gallaghercommand_centre
7.80 ≤
𝑥
< 7.80.960
gallaghercommand_centre
7.90 ≤
𝑥
< 7.90.991
gallaghercommand_centre
8.00 ≤
𝑥
< 8.00.1161
gallaghercommand_centre
8.10 ≤
𝑥
< 8.10.1134
gallaghercommand_centre
7.80.960
gallaghercommand_centre
7.90.991
gallaghercommand_centre
8.00.1161
gallaghercommand_centre
8.10.1134
𝑥
= Vulnerable software versions
References
https://security.gallagher.com/cve-2019-19801
https://security.gallagher.com/cve-2019-19801