Deception Security Vulnerabilities and Issues — Deception CVE List

Lucene search

FidelissecurityDeception

3 matches found

CVE•added 2022/05/17 8:15 p.m.•65 views

CVE-2022-0486

Improper file permissions in the CommandPost, Collector, Sensor, and Sandbox components of Fidelis Network and Deception enables an attacker with local, administrative access to the CLI to modify affected files and enable escalation of privileges equivalent to the root user. The vulnerability is pr...

7.8CVSS6.2AI score0.00121EPSS

CVE•added 2022/05/17 8:15 p.m.•56 views

CVE-2022-0997

Improper file permissions in the CommandPost, Collector, and Sensor components of Fidelis Network and Deception enables an attacker with local, administrative access to the CLI to modify affected script files, which could result in arbitrary commands being run as root upon subsequent logon by a roo...

7.8CVSS6AI score0.00494EPSS

CVE•added 2021/06/25 12:15 p.m.•41 views

CVE-2021-35050

User credentials stored in a recoverable format within Fidelis Network and Deception CommandPost. In the event that an attacker gains access to the CommandPost, these values could be decoded and used to login to the application. The vulnerability is present in Fidelis Network and Deception versions...

7.5CVSS6.8AI score0.00307EPSS