2 matches found
CVE-2022-0486 Privileged Command Injection Vulnerability in Fidelis Network and Deception
Improper file permissions in the CommandPost, Collector, Sensor, and Sandbox components of Fidelis Network and Deception enables an attacker with local, administrative access to the CLI to modify affected files and enable escalation of privileges equivalent to the root user. The vulnerability is...
CVE-2022-0486
CVE-2022-0486 affects Fidelis Network and Deception components (CommandPost, Collector, Sensor, Sandbox) where improper file permissions allow a locally privileged attacker to modify affected files and escalate to root. Affected versions are Fidelis Network and Deception prior to 9.4.5; patches/u...