Lucene search
+L

CVE-2022-0486

🗓️ 17 May 2022 19:32:58Reported by FidelisType 
cve
 cve
🔗 web.nvd.nist.gov📰️ 5 Media mentions👁 81 Views🌐 WEB

Improper file permissions in Fidelis Network and Deception allow local admin to escalate privileges (CVE-2022-0486

Related
Detection
Affected
Refs
Paths
Social
NVD
[
  {
    "platforms": [
      "CentOS"
    ],
    "product": "Fidelis Network",
    "vendor": "Fidelis Cybersecurity",
    "versions": [
      {
        "lessThan": "9.4.5",
        "status": "affected",
        "version": "Fidelis Network",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "CentOS"
    ],
    "product": "Fidelis Deception",
    "vendor": "Fidelis Cybersecurity",
    "versions": [
      {
        "lessThan": "9.4.5",
        "status": "affected",
        "version": "Fidelis Deception",
        "versionType": "custom"
      }
    ]
  }
]
ParameterPositionPathDescriptionCWE
/FSS/bin/shutdown.plpath/FSS/bin/shutdown.plMisconfigured ownership/permissions allow fidelis user to escalate privileges using shutdown.pl with root privileges via sudoers.CWE-276
/FSS/setup/cert_mgmtpath/FSS/setup/cert_mgmtMisconfigured ownership/permissions on cert_mgmt enable privilege escalation to root via sudoers.CWE-276
/FSS/bin/db_updaterpath/FSS/bin/db_updaterMisconfigured ownership/permissions on db_updater enable privilege escalation to root via sudoers.CWE-276
/FSS/deception-manager/bin/deception-managerpath/FSS/deception-manager/bin/deception-managerMisconfigured ownership/permissions on deception-manager enable privilege escalation to root via sudoers.CWE-276
/FSS/sbin/fssdbg.shpath/FSS/sbin/fssdbg.shMisconfigured ownership/permissions on fssdbg.sh enable privilege escalation to root via sudoers.CWE-276
/FSS/bin/mstpath/FSS/bin/mstMisconfigured ownership/permissions on mst enable privilege escalation to root via sudoers.CWE-276
/FSS/bin/setuppath/FSS/bin/setupMisconfigured ownership/permissions on setup enable privilege escalation to root via sudoers.CWE-276
/FSS/setup/unlock_cp_user.shpath/FSS/setup/unlock_cp_user.shMisconfigured ownership/permissions on unlock_cp_user.sh enable privilege escalation to root via sudoers.CWE-276

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 04:20Current
6.2Medium risk
Vulners AI Score6.2
CVSS 27.2
CVSS 3.14.4 - 7.8
EPSS0.0038
81