Insertion of Sensitive Information into Log File (CWE-532) in the Gallagher Command Centre Alarm Transmitter feature could allow an authenticated Operator to view some security sensitive information to which they have not been granted access.
This issue affects: Command Centre Server 9.10 prior to 9.10.2149 (MR4), 9.00 prior to 9.00.2374 (MR5), 8.90 prior to 8.90.2356 (MR6), all versions of 8.80 and prior.
Metrics
Affected Vendors & Products
References
History
Thu, 12 Dec 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 12 Dec 2024 02:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Insertion of Sensitive Information into Log File (CWE-532) in the Gallagher Command Centre Alarm Transmitter feature could allow an authenticated Operator to view some security sensitive information to which they have not been granted access. This issue affects: Command Centre Server 9.10 prior to 9.10.2149 (MR4), 9.00 prior to 9.00.2374 (MR5), 8.90 prior to 8.90.2356 (MR6), all versions of 8.80 and prior. | |
Weaknesses | CWE-532 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Gallagher
Published: 2024-12-12T01:36:12.364Z
Updated: 2024-12-12T15:18:01.369Z
Reserved: 2024-08-28T02:46:11.141Z
Link: CVE-2024-42407
Vulnrichment
Updated: 2024-12-12T15:17:56.832Z
NVD
Status : Received
Published: 2024-12-12T02:15:23.017
Modified: 2024-12-12T02:15:23.017
Link: CVE-2024-42407
Redhat
No data.