Описание
In Gallagher Command Centre Server v8.10 prior to v8.10.1134(MR4), v8.00 prior to v8.00.1161(MR5), v7.90 prior to v7.90.991(MR5), v7.80 prior to v7.80.960(MR2) and v7.70 or earlier, an authenticated user connecting to OPCUA can view all data that would be replicated in a multi-server setup without privilege checks being applied.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 7.70 (исключая)Версия от 7.80 (включая) до 7.80.960 (исключая)Версия от 7.90 (включая) до 7.90.991 (исключая)Версия от 8.00 (включая) до 8.00.1161 (исключая)Версия от 8.10 (включая) до 8.10.1134 (исключая)
Одно из
cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*
cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*
cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*
cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*
cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*
cpe:2.3:a:gallagher:command_centre:7.80.960:-:*:*:*:*:*:*
cpe:2.3:a:gallagher:command_centre:7.90.991:-:*:*:*:*:*:*
cpe:2.3:a:gallagher:command_centre:8.00.1161:-:*:*:*:*:*:*
cpe:2.3:a:gallagher:command_centre:8.10.1134:-:*:*:*:*:*:*
EPSS
Процентиль: 44%
0.00215
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-862
Связанные уязвимости
github
больше 3 лет назад
In Gallagher Command Centre Server v8.10 prior to v8.10.1134(MR4), v8.00 prior to v8.00.1161(MR5), v7.90 prior to v7.90.991(MR5), v7.80 prior to v7.80.960(MR2) and v7.70 or earlier, an authenticated user connecting to OPCUA can view all data that would be replicated in a multi-server setup without privilege checks being applied.
EPSS
Процентиль: 44%
0.00215
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-862