Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
User Credentials Stored in a Recoverable Format within Fidelis Network and Deception
Vulnerability Description
User credentials stored in a recoverable format within Fidelis Network and Deception CommandPost. In the event that an attacker gains access to the CommandPost, these values could be decoded and used to login to the application. The vulnerability is present in Fidelis Network and Deception versions prior to 9.3.3. This vulnerability has been addressed in version 9.3.3 and subsequent versions.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
以可恢复格式存储口令
Vulnerability Title
Fidelis Network 安全漏洞
Vulnerability Description
Fidelis Network Deception是美国Fidelis公司的一款安全产品。用于检测威胁并防止数据丢失,有检测恶意行为、识别流量异常、自动响应高级威胁等功能。 Fidelis Network 存在安全漏洞,该漏洞源于用户凭据以可恢复格式存储在 Fidelis Network 和 Deception CommandPost 中。攻击者可利用该漏洞获得对CommandPost的访问权,这些值可以被解码并用于登录到应用程序。
CVSS Information
N/A
Vulnerability Type
N/A