CVE-2021-35050 : User credentials stored in a recoverable format within Fidelis Network and Decep

User credentials stored in a recoverable format within Fidelis Network and Deception CommandPost. In the event that an attacker gains access to the CommandPost, these values could be decoded and used to login to the application. The vulnerability is present in Fidelis Network and Deception versions prior to 9.3.3. This vulnerability has been addressed in version 9.3.3 and subsequent versions.

Published 2021-06-25 12:15:09

Updated 2022-08-12 18:01:37

Source Fidelis Cybersecurity, Inc.

View at NVD, CVE.org

Products affected by CVE-2021-35050

Fidelissecurity » Deception
Versions before (<) 9.3.3
cpe:2.3:a:fidelissecurity:deception:*:*:*:*:*:*:*:*
Matching versions
Fidelissecurity » Network
Versions before (<) 9.3.3
cpe:2.3:a:fidelissecurity:network:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2021-35050

EPSS FAQ

0.25%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 45 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-35050

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	3.9	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None
6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N	2.8	3.6	Fidelis Cybersecurity, Inc.
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2021-35050

CWE-257 Storing Passwords in a Recoverable Format

The storage of passwords in a recoverable format makes them subject to password reuse attacks by malicious users. In fact, it should be noted that recoverable encrypted passwords provide no significant benefit over plaintext passwords since they are subject not only to reuse by malicious attackers but also by malicious insiders. If a system administrator can recover a password directly, or use a brute force search on the available information, the administrator can use the password on other accounts.

Assigned by: security@fidelissecurity.com (Secondary)
CWE-522 Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2021-35050

https://support.fidelissecurity.com/hc/en-us/categories/360001842694-Advisories-News-and-Policies

Fidelis Cybersecurity
Permissions Required;Vendor Advisory

CVEs referencing this url
https://www.securifera.com/blog/2021/06/24/operation-eagle-eye/

Operation Eagle Eye – Securifera
Exploit;Third Party Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2021-35050

Products affected by CVE-2021-35050

Exploit prediction scoring system (EPSS) score for CVE-2021-35050

CVSS scores for CVE-2021-35050

CWE ids for CVE-2021-35050

References for CVE-2021-35050