Vulnerabilities > Fidelissecurity

DATE CVE VULNERABILITY TITLE RISK
2021-06-25 CVE-2021-35048 SQL Injection vulnerability in Fidelissecurity Deception and Network
Vulnerability in Fidelis Network and Deception CommandPost enables unauthenticated SQL injection through the web interface.
network
low complexity
fidelissecurity CWE-89
7.5
2021-06-25 CVE-2021-35049 OS Command Injection vulnerability in Fidelissecurity Deception and Network
Vulnerability in Fidelis Network and Deception CommandPost enables authenticated command injection through the web interface.
network
low complexity
fidelissecurity CWE-78
6.5
2021-06-25 CVE-2021-35050 Insufficiently Protected Credentials vulnerability in Fidelissecurity Deception and Network
User credentials stored in a recoverable format within Fidelis Network and Deception CommandPost.
network
low complexity
fidelissecurity CWE-522
5.0