CVE-2022-26348 - OpenCVE

Command Centre Server is vulnerable to SQL Injection via Windows Registry settings for date fields on the server. The Windows Registry setting allows an attacker using the Visitor Management Kiosk, an application designed for public use, to invoke an arbitrary SQL query that has been preloaded into the registry of the Windows Server to obtain sensitive information. This issue affects: Gallagher Command Centre 8.60 versions prior to 8.60.1652; 8.50 versions prior to 8.50.2245; 8.40 versions prior to 8.40.2216; 8.30 versions prior to 8.30.1470; version 8.20 and prior versions.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gallagher	Command Centre

Configuration 1 [-]

OR	cpe:2.3:a:gallagher:command_centre::::::::
	cpe:2.3:a:gallagher:command_centre::::::::
	cpe:2.3:a:gallagher:command_centre::::::::
	cpe:2.3:a:gallagher:command_centre::::::::
	cpe:2.3:a:gallagher:command_centre::::::::

No data.

References

Link	Providers
https://security.gallagher.com/Security-Advisories/CVE-2022-26348

History

No history.

MITRE

Status: PUBLISHED

Assigner: Gallagher

Published: 2022-07-06T16:29:59

Updated: 2024-08-03T05:03:32.775Z

Reserved: 2022-03-04T00:00:00

Link: CVE-2022-26348

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-07-06T17:15:07.937

Modified: 2022-07-14T12:31:41.157

Link: CVE-2022-26348

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Command Centre", "vendor": "Gallagher", "versions": [{"lessThanOrEqual": "8.20", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "8.60.1652", "status": "affected", "version": "8.60", "versionType": "custom"}, {"lessThan": "8.50.2245", "status": "affected", "version": "8.50", "versionType": "custom"}, {"lessThan": "8.40.2216", "status": "affected", "version": "8.40", "versionType": "custom"}, {"lessThan": "8.30.1470", "status": "affected", "version": "8.30", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Command Centre Server is vulnerable to SQL Injection via Windows Registry settings for date fields on the server. The Windows Registry setting allows an attacker using the Visitor Management Kiosk, an application designed for public use, to invoke an arbitrary SQL query that has been preloaded into the registry of the Windows Server to obtain sensitive information. This issue affects: Gallagher Command Centre 8.60 versions prior to 8.60.1652; 8.50 versions prior to 8.50.2245; 8.40 versions prior to 8.40.2216; 8.30 versions prior to 8.30.1470; version 8.20 and prior versions."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "description": "CWE-89 SQL Injection", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-07-06T16:29:59", "orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc", "shortName": "Gallagher"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://security.gallagher.com/Security-Advisories/CVE-2022-26348"}], "source": {"discovery": "INTERNAL"}, "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "disclosures@gallagher.com", "ID": "CVE-2022-26348", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Command Centre", "version": {"version_data": [{"version_affected": "<", "version_name": "8.60", "version_value": "8.60.1652"}, {"version_affected": "<", "version_name": "8.50", "version_value": "8.50.2245"}, {"version_affected": "<", "version_name": "8.40", "version_value": "8.40.2216"}, {"version_affected": "<", "version_name": "8.30", "version_value": "8.30.1470"}, {"version_affected": "<=", "version_value": "8.20"}]}}]}, "vendor_name": "Gallagher"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Command Centre Server is vulnerable to SQL Injection via Windows Registry settings for date fields on the server. The Windows Registry setting allows an attacker using the Visitor Management Kiosk, an application designed for public use, to invoke an arbitrary SQL query that has been preloaded into the registry of the Windows Server to obtain sensitive information. This issue affects: Gallagher Command Centre 8.60 versions prior to 8.60.1652; 8.50 versions prior to 8.50.2245; 8.40 versions prior to 8.40.2216; 8.30 versions prior to 8.30.1470; version 8.20 and prior versions."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-89 SQL Injection"}]}]}, "references": {"reference_data": [{"name": "https://security.gallagher.com/Security-Advisories/CVE-2022-26348", "refsource": "MISC", "url": "https://security.gallagher.com/Security-Advisories/CVE-2022-26348"}]}, "source": {"discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T05:03:32.775Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://security.gallagher.com/Security-Advisories/CVE-2022-26348"}]}]}, "cveMetadata": {"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc", "assignerShortName": "Gallagher", "cveId": "CVE-2022-26348", "datePublished": "2022-07-06T16:29:59", "dateReserved": "2022-03-04T00:00:00", "dateUpdated": "2024-08-03T05:03:32.775Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*", "matchCriteriaId": "08FDEAA9-8012-4149-9D76-77E41CB4DD10", "versionEndIncluding": "8.20", "vulnerable": true}, {"criteria": "cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*", "matchCriteriaId": "B661AF12-667B-4470-984E-AC109FE1B4A2", "versionEndExcluding": "8.30.1470", "versionStartIncluding": "8.30", "vulnerable": true}, {"criteria": "cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*", "matchCriteriaId": "4D083D37-176B-4A15-83D9-0486A2355D83", "versionEndExcluding": "8.40.2216", "versionStartIncluding": "8.40", "vulnerable": true}, {"criteria": "cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*", "matchCriteriaId": "2F3A5031-A6FF-4A4F-8B2F-14389BA76F0E", "versionEndExcluding": "8.50.2245", "versionStartIncluding": "8.50", "vulnerable": true}, {"criteria": "cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*", "matchCriteriaId": "58EF5C9C-9377-44A2-9EA8-664650955786", "versionEndExcluding": "8.60.1652", "versionStartIncluding": "8.60", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Command Centre Server is vulnerable to SQL Injection via Windows Registry settings for date fields on the server. The Windows Registry setting allows an attacker using the Visitor Management Kiosk, an application designed for public use, to invoke an arbitrary SQL query that has been preloaded into the registry of the Windows Server to obtain sensitive information. This issue affects: Gallagher Command Centre 8.60 versions prior to 8.60.1652; 8.50 versions prior to 8.50.2245; 8.40 versions prior to 8.40.2216; 8.30 versions prior to 8.30.1470; version 8.20 and prior versions."}, {"lang": "es", "value": "Command Centre Server es vulnerable a una inyecci\u00f3n SQL por medio de la configuraci\u00f3n del Registro de Windows para los campos de fecha en el servidor. La configuraci\u00f3n del Registro de Windows permite a un atacante usando el Kiosco de Administraci\u00f3n de Visitantes, una aplicaci\u00f3n dise\u00f1ada para uso p\u00fablico, invocar una consulta SQL arbitraria que ha sido precargada en el registro del Servidor de Windows para obtener informaci\u00f3n confidencial. Este problema afecta a: Gallagher Command Centre versiones 8.60 anteriores a 8.60.1652; versiones 8.50 anteriores a 8.50.2245; versiones 8.40 anteriores a 8.40.2216; versiones 8.30 anteriores a 8.30.1470; versiones 8.20 y anteriores"}], "id": "CVE-2022-26348", "lastModified": "2022-07-14T12:31:41.157", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.5, "impactScore": 6.0, "source": "disclosures@gallagher.com", "type": "Secondary"}]}, "published": "2022-07-06T17:15:07.937", "references": [{"source": "disclosures@gallagher.com", "tags": ["Vendor Advisory"], "url": "https://security.gallagher.com/Security-Advisories/CVE-2022-26348"}], "sourceIdentifier": "disclosures@gallagher.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-89"}], "source": "disclosures@gallagher.com", "type": "Secondary"}]}