Vulnerabilities > Fidelissecurity > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-17 | CVE-2022-24390 | Command Injection vulnerability in Fidelissecurity Deception and Network Vulnerability in rconfig “remote_text_file” enables an attacker with user level access to the CLI to inject user level commands into Fidelis Network and Deception CommandPost, Collector, Sensor, and Sandbox components as well as neighboring Fidelis components. | 6.5 |
| 2022-05-17 | CVE-2022-24391 | SQL Injection vulnerability in Fidelissecurity Deception and Network Vulnerability in Fidelis Network and Deception CommandPost enables SQL injection through the web interface by an attacker with user level access. | 6.5 |
| 2021-06-25 | CVE-2021-35049 | OS Command Injection vulnerability in Fidelissecurity Deception and Network Vulnerability in Fidelis Network and Deception CommandPost enables authenticated command injection through the web interface. | 6.5 |
| 2021-06-25 | CVE-2021-35050 | Insufficiently Protected Credentials vulnerability in Fidelissecurity Deception and Network User credentials stored in a recoverable format within Fidelis Network and Deception CommandPost. | 5.0 |