CVE-2026-26053

MEDIUM

Gallagher Command Centre Server - Incorrect Privilege Assignment

Title source: rule
STIX 2.1

Description

An Incorrect Privilege Assignment (CWE-266) vulnerability in the Command Centre Server allows an authenticated operator with limited privileges to perform some operations that they would not normally be authorized to perform. Version of Command Centre affected: 9.50 prior to vEL9.50.1587(MR1), 9.40 prior to vEL9.40.3130(MR3), 9.30 prior to vEL9.30.3983(MR5), 9.20 prior to vEL9.20.4349(MR7), all versions of 9.10.

Scores

CVSS v3 5.3
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-266
Status published
Products (5)
Gallagher/Command Centre Server 9.10
Gallagher/Command Centre Server 9.20 - vEL9.20.4349(MR7)
Gallagher/Command Centre Server 9.30 - vEL9.30.3983(MR5)
Gallagher/Command Centre Server 9.40 - vEL9.40.3130(MR3)
Gallagher/Command Centre Server 9.50 - vEL9.50.1587(MR1)
Published Jul 07, 2026
Tracked Since Jul 07, 2026