CVE-2020-16104

SQL Injection vulnerability in Enterprise Data Interface of Gallagher Command Centre allows a remote attacker with 'Edit Enterprise Data Interfaces' privilege to execute arbitrary SQL against a third party database if EDI is configured to import data from this database. This issue affects: Gallagher Command Centre 8.30 versions prior to 8.30.1236(MR1); 8.20 versions prior to 8.20.1166(MR3); 8.10 versions prior to 8.10.1211(MR5); 8.00 versions prior to 8.00.1228(MR6); version 7.90 and prior versions.

CVSS v3 7.2 HIGH
CVSS v2.0 6.5 MEDIUM

7.2^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.5^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 8.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://security.gallagher.com/Security-Advisories/CVE-2020-16104	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:gallagher:command_centre::::::::
	cpe:2.3:a:gallagher:command_centre::::::::
	cpe:2.3:a:gallagher:command_centre::::::::
	cpe:2.3:a:gallagher:command_centre::::::::
	cpe:2.3:a:gallagher:command_centre::::::::
	cpe:2.3:a:gallagher:command_centre:8.00.1228:-::::::
	cpe:2.3:a:gallagher:command_centre:8.00.1228:maintenance_release6::::::
	cpe:2.3:a:gallagher:command_centre:8.10.1211:-::::::
	cpe:2.3:a:gallagher:command_centre:8.10.1211:maintenance_release5::::::
	cpe:2.3:a:gallagher:command_centre:8.20.1166:-::::::
	cpe:2.3:a:gallagher:command_centre:8.20.1166:maintenance_release3::::::
	cpe:2.3:a:gallagher:command_centre:8.30.1236:-::::::
	cpe:2.3:a:gallagher:command_centre:8.30.1236:maintenance_release1::::::

History

No history.

Information

Published : 2020-12-14 20:15

Updated : 2023-12-10 13:41

NVD link : CVE-2020-16104

Mitre link : CVE-2020-16104

CVE.ORG link : CVE-2020-16104

JSON object : View

Products Affected

gallagher

command_centre

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

{"id": "CVE-2020-16104", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}, {"type": "Secondary", "source": "disclosures@gallagher.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.3, "exploitabilityScore": 2.3}]}, "published": "2020-12-14T20:15:12.247", "references": [{"url": "https://security.gallagher.com/Security-Advisories/CVE-2020-16104", "tags": ["Vendor Advisory"], "source": "disclosures@gallagher.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}, {"type": "Secondary", "source": "disclosures@gallagher.com", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "SQL Injection vulnerability in Enterprise Data Interface of Gallagher Command Centre allows a remote attacker with 'Edit Enterprise Data Interfaces' privilege to execute arbitrary SQL against a third party database if EDI is configured to import data from this database. This issue affects: Gallagher Command Centre 8.30 versions prior to 8.30.1236(MR1); 8.20 versions prior to 8.20.1166(MR3); 8.10 versions prior to 8.10.1211(MR5); 8.00 versions prior to 8.00.1228(MR6); version 7.90 and prior versions."}, {"lang": "es", "value": "Una vulnerabilidad de inyecci\u00f3n SQL en Enterprise Data Interface de Gallagher Command Centre, permite a un atacante remoto con privilegio de \"Edit Enterprise Data Interfaces\" ejecutar un SQL arbitrario contra una base de datos de terceros si EDI est\u00e1 configurado para importar datos de esta base de datos. Este problema afecta a: Gallagher Command Center versiones 8.30 anteriores a 8.30.1236(MR1); versiones 8.20 anteriores a 8.20.1166(MR3); versiones 8.10 anteriores a 8.10.1211 (MR5); versiones 8.00 anteriores a 8.00.1228(MR6); versi\u00f3n 7.90 y versiones anteriores."}], "lastModified": "2020-12-16T19:46:03.900", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AEC327DD-614D-4F03-B77A-941EFE1269F3", "versionEndExcluding": "7.90.0"}, {"criteria": "cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8AF24E0D-FEF8-4814-A689-50869362C70A", "versionEndExcluding": "8.00.1228", "versionStartIncluding": "8.00"}, {"criteria": "cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55BB8603-0AAE-49A3-B127-374F24C498DE", "versionEndExcluding": "8.10.1211", "versionStartIncluding": "8.10"}, {"criteria": "cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE7DBECA-3C79-4346-AB66-B7538B230FE7", "versionEndExcluding": "8.20.1166", "versionStartIncluding": "8.20"}, {"criteria": "cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F0DEE3F1-6EE3-4D31-BDF2-648F45C0EC20", "versionEndExcluding": "8.30.1236", "versionStartIncluding": "8.30"}, {"criteria": "cpe:2.3:a:gallagher:command_centre:8.00.1228:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5A79B43-E943-44E2-B13A-64F955518C8F"}, {"criteria": "cpe:2.3:a:gallagher:command_centre:8.00.1228:maintenance_release6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8032E6B3-B5D4-4009-936B-35CA03CF0256"}, {"criteria": "cpe:2.3:a:gallagher:command_centre:8.10.1211:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E672F2DB-6C4D-4549-977C-F4EDBCC461E3"}, {"criteria": "cpe:2.3:a:gallagher:command_centre:8.10.1211:maintenance_release5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4AE5C9DA-0A88-4A55-9395-7C2D357D9FF9"}, {"criteria": "cpe:2.3:a:gallagher:command_centre:8.20.1166:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3DACA47B-78DA-4ED5-A15B-04556FA11865"}, {"criteria": "cpe:2.3:a:gallagher:command_centre:8.20.1166:maintenance_release3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38E86AF8-3460-4007-B5A2-0E4EA3F42974"}, {"criteria": "cpe:2.3:a:gallagher:command_centre:8.30.1236:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34322F73-2AEF-4920-96DD-B138125A0660"}, {"criteria": "cpe:2.3:a:gallagher:command_centre:8.30.1236:maintenance_release1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "784CE63C-BE80-4111-9A56-6CD03CAE6E0D"}], "operator": "OR"}]}], "sourceIdentifier": "disclosures@gallagher.com"}