An issue was discovered in Gallagher Command Centre 7.x before 7.90.991(MR5), 8.00 before 8.00.1161(MR5), and 8.10 before 8.10.1134(MR4). External system configuration data (used for third party integrations such as DVR systems) were logged in the Command Centre event trail. Any authenticated operator with the 'view events' privilege could see the full configuration, including cleartext usernames and passwords, under the event details of a Modified DVR System event.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://security.gallagher.com/cve-2020-7215 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-01-20T05:32:30
Updated: 2024-08-04T09:25:48.421Z
Reserved: 2020-01-16T00:00:00
Link: CVE-2020-7215
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-01-20T06:15:11.877
Modified: 2024-11-21T05:36:50.780
Link: CVE-2020-7215
Redhat
No data.