Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Deception Security Vulnerabilities - CVSS Score 9 - 10

cve
cve

CVE-2021-35047

Vulnerability in the CommandPost, Collector, and Sensor components of Fidelis Network and Deception enables an attacker with user level access to the CLI to inject root level commands into the component and neighboring Fidelis components. The vulnerability is present in Fidelis Network and Deceptio...

9.9CVSS

8.6AI Score

0.006EPSS

2021-06-25 12:15 PM
29
5
cve
cve

CVE-2021-35048

Vulnerability in Fidelis Network and Deception CommandPost enables unauthenticated SQL injection through the web interface. The vulnerability could lead to exposure of authentication tokens in some versions of Fidelis software. The vulnerability is present in Fidelis Network and Deception versions ...

9.8CVSS

9.8AI Score

0.002EPSS

2021-06-25 12:15 PM
33
4
cve
cve

CVE-2021-35049

Vulnerability in Fidelis Network and Deception CommandPost enables authenticated command injection through the web interface. The vulnerability could allow a specially crafted HTTP request to execute system commands on the CommandPost and return results in an HTTP response in an authenticated sessi...

9.9CVSS

8.9AI Score

0.006EPSS

2021-06-25 12:15 PM
40
4