Unrated severityNVD Advisory· Published Jun 25, 2021· Updated Sep 16, 2024
Privileged Command Injection Vulnerability in Fidelis Network and Deception
CVE-2021-35047
Description
Vulnerability in the CommandPost, Collector, and Sensor components of Fidelis Network and Deception enables an attacker with user level access to the CLI to inject root level commands into the component and neighboring Fidelis components. The vulnerability is present in Fidelis Network and Deception versions prior to 9.3.7 and in version 9.4. Patches and updates are available to address this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: same as Fidelis Network and Deception
- Range: <9.3.7, =9.4
- Range: Fidelis Deception 9.4
Patches
Vulnerability mechanics
References
2- support.fidelissecurity.com/hc/en-us/categories/360001842694-Advisories-News-and-Policiesmitrex_refsource_CONFIRM
- www.securifera.com/blog/2021/06/24/operation-eagle-eye/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.