Vulnerability in rconfig “remote_text_file” enables an attacker with user level access to the CLI to inject user level commands into Fidelis Network and Deception CommandPost, Collector, Sensor, and Sandbox components as well as neighboring Fidelis components. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability.
References
Link | Resource |
---|---|
https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411 | Permissions Required Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Fidelis
Published: 2022-05-16T00:00:00
Updated: 2022-05-17T19:27:50
Reserved: 2022-02-03T00:00:00
Link: CVE-2022-24390
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-05-17T20:15:08.393
Modified: 2022-05-26T02:07:01.000
Link: CVE-2022-24390
JSON object: View
Redhat Information
No data.