Vulnerability in Fidelis Network and Deception CommandPost enables SQL injection through the web interface by an attacker with user level access. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability.
References
Link | Resource |
---|---|
https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411 | Permissions Required Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Fidelis
Published: 2022-05-16T00:00:00
Updated: 2022-05-17T19:26:54
Reserved: 2022-02-03T00:00:00
Link: CVE-2022-24391
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-05-17T20:15:08.453
Modified: 2022-05-26T02:08:19.357
Link: CVE-2022-24391
JSON object: View
Redhat Information
No data.
CWE