Deception@9.4 Security Vulnerabilities and Issues — Deception@9.4 CVE List

Lucene search

FidelissecurityDeception9.4

3 matches found

CVE•added 2021/06/25 12:15 p.m.•48 views

CVE-2021-35049

Vulnerability in Fidelis Network and Deception CommandPost enables authenticated command injection through the web interface. The vulnerability could allow a specially crafted HTTP request to execute system commands on the CommandPost and return results in an HTTP response in an authenticated sessi...

9.9CVSS9.1AI score0.16632EPSS

CVE•added 2021/06/25 12:15 p.m.•42 views

CVE-2021-35048

Vulnerability in Fidelis Network and Deception CommandPost enables unauthenticated SQL injection through the web interface. The vulnerability could lead to exposure of authentication tokens in some versions of Fidelis software. The vulnerability is present in Fidelis Network and Deception versions ...

9.8CVSS10AI score0.01234EPSS

CVE•added 2021/06/25 12:15 p.m.•39 views

CVE-2021-35047

Vulnerability in the CommandPost, Collector, and Sensor components of Fidelis Network and Deception enables an attacker with user level access to the CLI to inject root level commands into the component and neighboring Fidelis components. The vulnerability is present in Fidelis Network and Deceptio...

9.9CVSS8.8AI score0.01014EPSS