Gallagher Command Centre Server Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in Gallagher Command Centre Server versions 9.30 prior to vEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), and all versions of 8.90 and prior. This vulnerability arises from an uncaught exception, allowing an authorized and privileged operator to intentionally crash the Command Centre Server.
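The affected ranges above can be checked against a server inventory. The following is an added example, not code from Gallagher or from this advisory; it assumes version strings shaped like the advisory's "vEL9.30.2482", and the function names and sample hostnames are hypothetical.

```python
import re

# Fixed builds per release branch, taken from the advisory text above.
FIXED_BUILD = {
    (9, 30): 2482,  # MR2
    (9, 20): 2819,  # MR4
    (9, 10): 3672,  # MR7
    (9, 0): 3831,   # MR8
}
LAST_UNFIXED_BRANCH = (8, 90)  # "all versions of 8.90 and prior"

# Assumed version-string shape, modelled on the advisory's "vEL9.30.2482".
_VERSION_RE = re.compile(r"^(?:vEL)?(\d+)\.(\d+)\.(\d+)$")


def classify(version: str) -> str:
    """Return 'affected', 'fixed', or 'unknown' for one server version string."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        return "unknown"  # unparseable: needs manual review, never assume safe
    major, minor, build = (int(g) for g in m.groups())
    branch = (major, minor)
    if branch <= LAST_UNFIXED_BRANCH:
        return "affected"  # no fixed build is listed for these branches
    if branch in FIXED_BUILD:
        return "affected" if build < FIXED_BUILD[branch] else "fixed"
    return "unknown"  # branch not mentioned in the advisory


def triage(inventory: dict[str, str]) -> dict[str, list[str]]:
    """Group hosts by classification so affected and unknown ones stand out."""
    result = {"affected": [], "fixed": [], "unknown": []}
    for host, version in sorted(inventory.items()):
        result[classify(version)].append(host)
    return result


if __name__ == "__main__":
    # Constructed sample inventory (hostnames and builds are made up).
    sample = {
        "cc-prod-01": "vEL9.30.2482",
        "cc-prod-02": "vEL9.20.2818",
        "cc-lab-01": "vEL8.80.1500",
        "cc-lab-02": "9.40.100",
        "cc-dr-01": "not-reported",
    }
    for status, hosts in triage(sample).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```

Hosts reported as "unknown" run a branch the advisory does not list or returned an unparseable version, so they need manual review.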

Impact

Exploitation of this vulnerability leads to a crash of the Command Centre Server, causing a denial-of-service condition.

Remediation

To reduce exposure to this vulnerability, ensure that appropriate privilege limitations have been placed on operators.

Added: Oct 23, 2025, 4:19 AM
Updated: Oct 23, 2025, 4:19 AM

Vulnerability Rating

Custom Algorithm
spread: 0.3
impact: 2.5
exploitability: 4.9
remediation: 8.3
relevance: 0.8
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.