{"uuid": "d540032c-ad57-4b31-97bb-5968cd8288af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43107", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6978", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-43107\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L)\n\ud83d\udd39 Description: Improper Certificate Validation (CWE-295) in the Gallagher Milestone Integration Plugin (MIP) permits unauthenticated messages (e.g. alarm events) to be sent to the Plugin.\nThis issue effects Gallagher MIPS Plugin\u00a0v4.0 prior to v4.0.32, all versions of v3.0 and prior.\n\ud83d\udccf Published: 2025-03-10T02:44:03.188Z\n\ud83d\udccf Modified: 2025-03-10T02:44:03.188Z\n\ud83d\udd17 References:\n1. https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2024-43107", "creation_timestamp": "2025-03-10T03:39:01.000000Z"}