Lucene search

FidelisCVELIST:CVE-2022-0997

HistoryMay 17, 2022 - 7:31 p.m.

CVE-2022-0997 Local Privilege Escalation Vulnerability in Fidelis Network and Deception

2022-05-1719:31:43

CWE-276

Fidelis

www.cve.org

cve-2022-0997

fidelis network and deception

local privilege escalation

improper file permissions

commandpost

collector

sensor

administrator access

arbitrary commands

root user

vulnerability

patches

updates

CVSS3

3.9

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

AI Score

7.9

Confidence

High

EPSS

Percentile

10.3%

JSON

Improper file permissions in the CommandPost, Collector, and Sensor components of Fidelis Network and Deception enables an attacker with local, administrative access to the CLI to modify affected script files, which could result in arbitrary commands being run as root upon subsequent logon by a root user. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability.

CNA Affected

[
  {
    "platforms": [
      "CentOS"
    ],
    "product": "Fidelis Network",
    "vendor": "Fidelis Cybersecurity",
    "versions": [
      {
        "lessThan": "9.4.5",
        "status": "affected",
        "version": "Fidelis Network",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "CentOS"
    ],
    "product": "Fidelis Deception",
    "vendor": "Fidelis Cybersecurity",
    "versions": [
      {
        "lessThan": "9.4.5",
        "status": "affected",
        "version": "Fidelis Deception",
        "versionType": "custom"
      }
    ]
  }
]

References

fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411