CVE-2024-42407 Information

Description

Insertion of Sensitive Information into Log File (CWE-532) in the Gallagher Command Centre Alarm Transmitter feature could allow an authenticated Operator to view some security sensitive information to which they have not been granted access.

This issue affects: Command Centre Server 9.10 prior to 9.10.2149 (MR4) 9.00 prior to 9.00.2374 (MR5) 8.90 prior to 8.90.2356 (MR6) all versions of 8.80 and prior.

Reference

https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2024-42407