Back to overview

CVE-2026-26053

MEDIUM
5.3
CVSS 3.1
Description
An Incorrect Privilege Assignment (CWE-266) vulnerability in the Command Centre Server allows an authenticated operator with limited privileges to perform some operations that they would not normally be authorized to perform. Version of Command Centre affected: 9.50 prior to vEL9.50.1587(MR1), 9.40 prior to vEL9.40.3130(MR3), 9.30 prior to vEL9.30.3983(MR5), 9.20 prior to vEL9.20.4349(MR7), all versions of 9.10.

Metadata

CVE ID
CVE-2026-26053
State
PUBLISHED
Assigner
Gallagher
Reserved
2026-03-01 23:45 UTC
Published
2026-07-07 03:48 UTC
Last updated
2026-07-07 03:48 UTC
Primary CWE
CWE-266
CWE-266 Incorrect privilege assignment
Vendor / Product
Gallagher / Command Centre Server
Sources
cve.org  ·  NVD

Severity & Metrics

5.3 MEDIUM CVSS 3.1
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
Affected products (1)
VendorProductPlatformVersions
Gallagher Command Centre Server 9.10, 9.50 < vEL9.50.1587(MR1), 9.40 < vEL9.40.3130(MR3), 9.30 < vEL9.30.3983(MR5) …
Weakness (CWE)
CWESourceDescription
CWE-266 cna CWE-266 Incorrect privilege assignment
CVSS scores (1)
ScoreSeverityVersionSourceVector
5.3 MEDIUM 3.1 cna CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
Back to overview