Vulnerabilities > Fidelissecurity > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-17 | CVE-2022-0486 | Incorrect Default Permissions vulnerability in Fidelissecurity Deception and Network Improper file permissions in the CommandPost, Collector, Sensor, and Sandbox components of Fidelis Network and Deception enables an attacker with local, administrative access to the CLI to modify affected files and enable escalation of privileges equivalent to the root user. | 7.2 |
| 2022-05-17 | CVE-2022-0997 | Incorrect Default Permissions vulnerability in Fidelissecurity Deception and Network Improper file permissions in the CommandPost, Collector, and Sensor components of Fidelis Network and Deception enables an attacker with local, administrative access to the CLI to modify affected script files, which could result in arbitrary commands being run as root upon subsequent logon by a root user. | 7.2 |
| 2021-06-25 | CVE-2021-35048 | SQL Injection vulnerability in Fidelissecurity Deception and Network Vulnerability in Fidelis Network and Deception CommandPost enables unauthenticated SQL injection through the web interface. | 7.5 |