CVE-2022-24389
CVE-2022-24389 describes an authenticated command-injection vulnerability in Fidelis Network and Deception components (CommandPost, Collector, Sensor, Sandbox) due to a flaw in rconfig cert_utils. An attacker with user-level CLI access can inject root-level commands, affecting versions prior to 9...