Arbitrary Event Creation and Information Disclosure Vulnerability in Gallagher Command Centre

Arbitrary Event Creation and Information Disclosure Vulnerability in Gallagher Command Centre

CVE-2019-12492 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:N

Gallagher Command Centre before 7.80.939, 7.90.x before 7.90.961, and 8.x before 8.00.1128 allows arbitrary event creation and information disclosure via the FT Command Centre Service and FT Controller Service services.

Learn more about our Web Application Penetration Testing UK.