CVE-2026-26053
MEDIUMGallagher Command Centre Server - Incorrect Privilege Assignment
Title source: ruleDescription
An Incorrect Privilege Assignment (CWE-266) vulnerability in the Command Centre Server allows an authenticated operator with limited privileges to perform some operations that they would not normally be authorized to perform. Version of Command Centre affected: 9.50 prior to vEL9.50.1587(MR1), 9.40 prior to vEL9.40.3130(MR3), 9.30 prior to vEL9.30.3983(MR5), 9.20 prior to vEL9.20.4349(MR7), all versions of 9.10.
References (1)
Core 1
Scores
CVSS v3
5.3
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-266
Status
published
Products (5)
Gallagher/Command Centre Server
9.10
Gallagher/Command Centre Server
9.20 - vEL9.20.4349(MR7)
Gallagher/Command Centre Server
9.30 - vEL9.30.3983(MR5)
Gallagher/Command Centre Server
9.40 - vEL9.40.3130(MR3)
Gallagher/Command Centre Server
9.50 - vEL9.50.1587(MR1)
Published
Jul 07, 2026
Tracked Since
Jul 07, 2026