Vulnerability-Lookup

CVE-2022-24388 (GCVE-0-2022-24388)

Vulnerability from cvelistv5 – Published: 2022-05-17 19:30 – Updated: 2024-09-16 20:17

Title

Authenticated Privileged Command Injection Vulnerability in Fidelis Network and Deception

Summary

Vulnerability in rconfig “date” enables an attacker with user level access to the CLI to inject root level commands into Fidelis Network and Deception CommandPost, Collector, Sensor, and Sandbox components as well as neighboring Fidelis components. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability.

Severity ?

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-78 - OS Command Injection

Assigner

Fidelis

References

URL

Tags

https://fidelissecurity.zendesk.com/hc/en-us/arti…

x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

Fidelis Cybersecurity

Fidelis Network

Affected: Fidelis Network , < 9.4.5 (custom)

Fidelis Cybersecurity

Fidelis Deception

Affected: Fidelis Deception , < 9.4.5 (custom)

Credits

Ryan Wincey, Securifera

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:07:02.557Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "CentOS"
          ],
          "product": "Fidelis Network",
          "vendor": "Fidelis Cybersecurity",
          "versions": [
            {
              "lessThan": "9.4.5",
              "status": "affected",
              "version": "Fidelis Network",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "CentOS"
          ],
          "product": "Fidelis Deception",
          "vendor": "Fidelis Cybersecurity",
          "versions": [
            {
              "lessThan": "9.4.5",
              "status": "affected",
              "version": "Fidelis Deception",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Ryan Wincey, Securifera"
        }
      ],
      "datePublic": "2022-05-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Vulnerability in rconfig \u201cdate\u201d enables an attacker with user level access to the CLI to inject root level commands into Fidelis Network and Deception CommandPost, Collector, Sensor, and Sandbox components as well as neighboring Fidelis components. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Root level access"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 OS Command Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-17T19:30:26.000Z",
        "orgId": "11ea3a0d-87b4-4e67-a1fa-f5a6be5d6676",
        "shortName": "Fidelis"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Apply patches or upgrade to latest version"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Authenticated Privileged Command Injection Vulnerability in Fidelis Network and Deception",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@fidelissecurity.com",
          "DATE_PUBLIC": "2022-05-16T15:30:00.000Z",
          "ID": "CVE-2022-24388",
          "STATE": "PUBLIC",
          "TITLE": "Authenticated Privileged Command Injection Vulnerability in Fidelis Network and Deception"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Fidelis Network",
                      "version": {
                        "version_data": [
                          {
                            "platform": "CentOS",
                            "version_affected": "\u003c",
                            "version_name": "Fidelis Network",
                            "version_value": "9.4.5"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Fidelis Deception",
                      "version": {
                        "version_data": [
                          {
                            "platform": "CentOS",
                            "version_affected": "\u003c",
                            "version_name": "Fidelis Deception",
                            "version_value": "9.4.5"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Fidelis Cybersecurity"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Ryan Wincey, Securifera"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Vulnerability in rconfig \u201cdate\u201d enables an attacker with user level access to the CLI to inject root level commands into Fidelis Network and Deception CommandPost, Collector, Sensor, and Sandbox components as well as neighboring Fidelis components. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Root level access"
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78 OS Command Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411",
              "refsource": "CONFIRM",
              "url": "https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Apply patches or upgrade to latest version"
          }
        ],
        "source": {
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "11ea3a0d-87b4-4e67-a1fa-f5a6be5d6676",
    "assignerShortName": "Fidelis",
    "cveId": "CVE-2022-24388",
    "datePublished": "2022-05-17T19:30:26.070Z",
    "dateReserved": "2022-02-03T00:00:00.000Z",
    "dateUpdated": "2024-09-16T20:17:22.513Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GSD-2022-24388

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-24388

Aliases

CVE-2022-24388

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-24388",
    "description": "Vulnerability in rconfig \u201cdate\u201d enables an attacker with user level access to the CLI to inject root level commands into Fidelis Network and Deception CommandPost, Collector, Sensor, and Sandbox components as well as neighboring Fidelis components. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability.",
    "id": "GSD-2022-24388"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-24388"
      ],
      "details": "Vulnerability in rconfig \u201cdate\u201d enables an attacker with user level access to the CLI to inject root level commands into Fidelis Network and Deception CommandPost, Collector, Sensor, and Sandbox components as well as neighboring Fidelis components. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability.",
      "id": "GSD-2022-24388",
      "modified": "2023-12-13T01:19:43.003346Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@fidelissecurity.com",
        "DATE_PUBLIC": "2022-05-16T15:30:00.000Z",
        "ID": "CVE-2022-24388",
        "STATE": "PUBLIC",
        "TITLE": "Authenticated Privileged Command Injection Vulnerability in Fidelis Network and Deception"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Fidelis Network",
                    "version": {
                      "version_data": [
                        {
                          "platform": "CentOS",
                          "version_affected": "\u003c",
                          "version_name": "Fidelis Network",
                          "version_value": "9.4.5"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Fidelis Deception",
                    "version": {
                      "version_data": [
                        {
                          "platform": "CentOS",
                          "version_affected": "\u003c",
                          "version_name": "Fidelis Deception",
                          "version_value": "9.4.5"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Fidelis Cybersecurity"
            }
          ]
        }
      },
      "credit": [
        {
          "lang": "eng",
          "value": "Ryan Wincey, Securifera"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Vulnerability in rconfig \u201cdate\u201d enables an attacker with user level access to the CLI to inject root level commands into Fidelis Network and Deception CommandPost, Collector, Sensor, and Sandbox components as well as neighboring Fidelis components. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability."
          }
        ]
      },
      "exploit": [
        {
          "lang": "eng",
          "value": "Root level access"
        }
      ],
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-78 OS Command Injection"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411",
            "refsource": "CONFIRM",
            "url": "https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411"
          }
        ]
      },
      "solution": [
        {
          "lang": "eng",
          "value": "Apply patches or upgrade to latest version"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:fidelissecurity:deception:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "9.4.5",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:fidelissecurity:network:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "9.4.5",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@fidelissecurity.com",
          "ID": "CVE-2022-24388"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Vulnerability in rconfig \u201cdate\u201d enables an attacker with user level access to the CLI to inject root level commands into Fidelis Network and Deception CommandPost, Collector, Sensor, and Sandbox components as well as neighboring Fidelis components. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-77"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411",
              "refsource": "CONFIRM",
              "tags": [
                "Permissions Required",
                "Vendor Advisory"
              ],
              "url": "https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2022-05-26T01:49Z",
      "publishedDate": "2022-05-17T20:15Z"
    }
  }
}

GHSA-C7HC-987R-WH58

Vulnerability from github – Published: 2022-05-18 00:00 – Updated: 2022-05-27 00:01

Details

Severity ?

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-24388"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-77"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-05-17T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "Vulnerability in rconfig \u201cdate\u201d enables an attacker with user level access to the CLI to inject root level commands into Fidelis Network and Deception CommandPost, Collector, Sensor, and Sandbox components as well as neighboring Fidelis components. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability.",
  "id": "GHSA-c7hc-987r-wh58",
  "modified": "2022-05-27T00:01:32Z",
  "published": "2022-05-18T00:00:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24388"
    },
    {
      "type": "WEB",
      "url": "https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CNVD-2022-59170

Vulnerability from cnvd - Published: 2022-08-25

Title

Fidelis Network Deception命令注入漏洞（CNVD-2022-59170）

Description

Fidelis Network Deception是美国Fidelis公司的一款安全产品。用于检测威胁并防止数据丢失，有检测恶意行为、识别流量异常、自动响应高级威胁等功能。 Fidelis Network Deception 9.4.5之前版本存在安全漏洞，该漏洞源于rconfig中的date存在问题。具有CLI用户级别访问权限的攻击者可利用该漏洞注入root级别的命令。

Severity

高

Patch Name

Fidelis Network Deception 命令注入漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411

Reference

https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411

Impacted products

Name
Fidelis Fidelis Network Deception <9.4.5

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-24388",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-24388"
    }
  },
  "description": "Fidelis Network Deception\u662f\u7f8e\u56fdFidelis\u516c\u53f8\u7684\u4e00\u6b3e\u5b89\u5168\u4ea7\u54c1\u3002\u7528\u4e8e\u68c0\u6d4b\u5a01\u80c1\u5e76\u9632\u6b62\u6570\u636e\u4e22\u5931\uff0c\u6709\u68c0\u6d4b\u6076\u610f\u884c\u4e3a\u3001\u8bc6\u522b\u6d41\u91cf\u5f02\u5e38\u3001\u81ea\u52a8\u54cd\u5e94\u9ad8\u7ea7\u5a01\u80c1\u7b49\u529f\u80fd\u3002\n\nFidelis Network Deception 9.4.5\u4e4b\u524d\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8erconfig\u4e2d\u7684date\u5b58\u5728\u95ee\u9898\u3002\u5177\u6709CLI\u7528\u6237\u7ea7\u522b\u8bbf\u95ee\u6743\u9650\u7684\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6ce8\u5165root\u7ea7\u522b\u7684\u547d\u4ee4\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-59170",
  "openTime": "2022-08-25",
  "patchDescription": "Fidelis Network Deception\u662f\u7f8e\u56fdFidelis\u516c\u53f8\u7684\u4e00\u6b3e\u5b89\u5168\u4ea7\u54c1\u3002\u7528\u4e8e\u68c0\u6d4b\u5a01\u80c1\u5e76\u9632\u6b62\u6570\u636e\u4e22\u5931\uff0c\u6709\u68c0\u6d4b\u6076\u610f\u884c\u4e3a\u3001\u8bc6\u522b\u6d41\u91cf\u5f02\u5e38\u3001\u81ea\u52a8\u54cd\u5e94\u9ad8\u7ea7\u5a01\u80c1\u7b49\u529f\u80fd\u3002\r\n\r\nFidelis Network Deception 9.4.5\u4e4b\u524d\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8erconfig\u4e2d\u7684date\u5b58\u5728\u95ee\u9898\u3002\u5177\u6709CLI\u7528\u6237\u7ea7\u522b\u8bbf\u95ee\u6743\u9650\u7684\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6ce8\u5165root\u7ea7\u522b\u7684\u547d\u4ee4\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Fidelis Network Deception \u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e \u7684\u8865\u4e01",
  "products": {
    "product": "Fidelis Fidelis Network Deception \u003c9.4.5"
  },
  "referenceLink": "https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411",
  "serverity": "\u9ad8",
  "submitTime": "2022-05-19",
  "title": "Fidelis Network Deception\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\uff08CNVD-2022-59170\uff09"
}

FKIE_CVE-2022-24388

Vulnerability from fkie_nvd - Published: 2022-05-17 20:15 - Updated: 2024-11-21 06:50

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	security@fidelissecurity.com	https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411	Permissions Required, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411	Permissions Required, Vendor Advisory

Impacted products

	Vendor	Product	Version
	fidelissecurity	deception	*
	fidelissecurity	network	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:fidelissecurity:deception:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B47023FD-5C7C-4A2C-BFF7-7800FB6A33FF",
              "versionEndExcluding": "9.4.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:fidelissecurity:network:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AF6ED2D-5AB3-4D21-AF34-9F0F517C46DD",
              "versionEndExcluding": "9.4.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Vulnerability in rconfig \u201cdate\u201d enables an attacker with user level access to the CLI to inject root level commands into Fidelis Network and Deception CommandPost, Collector, Sensor, and Sandbox components as well as neighboring Fidelis components. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en rconfig \"date\" permite a un atacante con acceso de nivel de usuario a la CLI inyectar comandos de nivel root en los componentes CommandPost, Collector, Sensor y Sandbox de Fidelis Network y Deception, as\u00ed como en los componentes vecinos de Fidelis. La vulnerabilidad est\u00e1 presente en Fidelis Network y Deception versiones anteriores a 9.4.5. Se presentan parches y actualizaciones disponibles para abordar esta vulnerabilidad"
    }
  ],
  "id": "CVE-2022-24388",
  "lastModified": "2024-11-21T06:50:19.013",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "security@fidelissecurity.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-05-17T20:15:08.293",
  "references": [
    {
      "source": "security@fidelissecurity.com",
      "tags": [
        "Permissions Required",
        "Vendor Advisory"
      ],
      "url": "https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Vendor Advisory"
      ],
      "url": "https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411"
    }
  ],
  "sourceIdentifier": "security@fidelissecurity.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "security@fidelissecurity.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-24388 (GCVE-0-2022-24388)

GSD-2022-24388

GHSA-C7HC-987R-WH58

CNVD-2022-59170

FKIE_CVE-2022-24388

Tags

Sightings

Nomenclature