CVE-2020-16096

HIGH Year: 2020
CVSS v3 Score
7.7
High
CVSS v2 Score
4.0
Medium
Weakness Type
CWE-285
View all →

Vulnerability Description

In Gallagher Command Centre versions 8.10 prior to 8.10.1134(MR4), 8.00 prior to 8.00.1161(MR5), 7.90 prior to 7.90.991(MR5), 7.80 prior to 7.80.960(MR2), 7.70 and earlier, any operator account has access to all data that would be replicated if the system were to be (or is) attached to a multi-server environment. This can include plain text credentials for DVR systems and card details used for physical access/alarm/perimeter components.

Related Vulnerabilities

CVE-2022-31668

HIGH
CVSS:7.7(High)

Harbor fails to validate the user permissions when updating p2p preheat policies. By sending a request to update a p2p preheat policy with an id that belongs to a project that the currently authentica...

CWE-2852022

CVE-2022-31669

HIGH
CVSS:7.7(High)

Harbor fails to validate the user permissions when updating tag immutability policies. By sending a request to update a tag immutability policy with an id that belongs to a project that the currently ...

CWE-2852022

CVE-2022-31670

HIGH
CVSS:7.7(High)

Harbor fails to validate the user permissions when updating tag retention policies. By sending a request to update a tag retention policy with an id that belongs to a project that the currently authen...

CWE-2852022

CVE-2024-47053

HIGH
CVSS:7.7(High)

This advisory addresses an authorization vulnerability in Mautic's HTTP Basic Authentication implementation. This flaw could allow unauthorized access to sensitive report data. * Improper Authorizatio...

CWE-2852024

CVE-2014-9945

HIGH
CVSS:7.8(High)

In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Authorization vulnerability could potentially exist.

CWE-2852014

CVE-2014-9950

HIGH
CVSS:7.8(High)

In Core Kernel in all Android releases from CAF using the Linux kernel, an Improper Authorization vulnerability could potentially exist.

CWE-2852014