What is the severity of CVE-2020-7215?

CVE-2020-7215 is classified as a medium severity vulnerability due to potential exposure of sensitive system configuration data.

How do I fix CVE-2020-7215?

To remediate CVE-2020-7215, upgrade Gallagher Command Centre to versions 7.90.992 or later, 8.00.1162 or later, or 8.10.1135 or later.

What are the potential impacts of CVE-2020-7215?

The potential impact of CVE-2020-7215 includes unauthorized access to sensitive external system configuration data logged in the event trail.

Is my Gallagher Command Centre installation affected by CVE-2020-7215?

Gallagher Command Centre versions earlier than 7.90.992, 8.00.1162, and 8.10.1135 are affected by CVE-2020-7215.

Who can be impacted by CVE-2020-7215?

Any authenticated users of Gallagher Command Centre with access to the event trail can be impacted by CVE-2020-7215.

Vulnerability/
CVE-2020-7215

medium

5.5

CWE

532

20/1/2020

4/8/2024

CVE-2020-7215

First published: Mon Jan 20 2020(Updated: )

An issue was discovered in Gallagher Command Centre 7.x before 7.90.991(MR5), 8.00 before 8.00.1161(MR5), and 8.10 before 8.10.1134(MR4). External system configuration data (used for third party integrations such as DVR systems) were logged in the Command Centre event trail. Any authenticated operator with the 'view events' privilege could see the full configuration, including cleartext usernames and passwords, under the event details of a Modified DVR System event.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Gallagher Command Centre	<7.80
Gallagher Command Centre	>=7.90<7.90.991
Gallagher Command Centre	>=8.00<8.00.1161
Gallagher Command Centre	>=8.10<8.10.1134
Gallagher Command Centre	=7.90.991
Gallagher Command Centre	=8.00.1161
Gallagher Command Centre	=8.10.1134

Never miss a vulnerability like this again

Reference Links

https://security.gallagher.com/cve-2020-7215

Frequently Asked Questions

What is the severity of CVE-2020-7215?
CVE-2020-7215 is classified as a medium severity vulnerability due to potential exposure of sensitive system configuration data.
How do I fix CVE-2020-7215?
To remediate CVE-2020-7215, upgrade Gallagher Command Centre to versions 7.90.992 or later, 8.00.1162 or later, or 8.10.1135 or later.
What are the potential impacts of CVE-2020-7215?
The potential impact of CVE-2020-7215 includes unauthorized access to sensitive external system configuration data logged in the event trail.
Is my Gallagher Command Centre installation affected by CVE-2020-7215?
Gallagher Command Centre versions earlier than 7.90.992, 8.00.1162, and 8.10.1135 are affected by CVE-2020-7215.
Who can be impacted by CVE-2020-7215?
Any authenticated users of Gallagher Command Centre with access to the event trail can be impacted by CVE-2020-7215.

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/references
agent/author
agent/last-modified-date
agent/severity
agent/weakness
agent/first-publish-date
agent/event
agent/description
agent/tags
agent/source
vendor/gallagher
canonical/gallagher command centre
version/gallagher command centre/7.90
version/gallagher command centre/8.00
version/gallagher command centre/8.10
version/gallagher command centre/7.90.991
version/gallagher command centre/8.00.1161
version/gallagher command centre/8.10.1134

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.