Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Netscout Subscribe
Total 21 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-44718 1 Netscout 1 Ngeniusone 2023-02-07 N/A 3.5 LOW
An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 2 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. The attack vector is Network, and the Attack Complexity required is High. Privileges required are administrator, User Interaction is required, and Scope is unchanged. The user must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host.
CVE-2022-44717 1 Netscout 1 Ngeniusone 2023-02-07 N/A 3.1 LOW
An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 1 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. The attack vector is Network, and the Attack Complexity required is High. Privileges required are administrator, User Interaction is required, and Scope is unchanged. The user must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host.
CVE-2022-44715 1 Netscout 1 Ngeniusone 2023-02-06 N/A 8.8 HIGH
Improper File Permissions in NetScout nGeniusONE 6.3.2 build 904 allows authenticated remote users to gain permissions via a crafted payload.
CVE-2022-44027 1 Netscout 1 Ngeniusone 2023-02-03 N/A 6.1 MEDIUM
An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 4 of 6.
CVE-2022-44025 1 Netscout 1 Ngeniusone 2023-02-03 N/A 6.1 MEDIUM
An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 2 of 6.
CVE-2022-44028 1 Netscout 1 Ngeniusone 2023-02-03 N/A 6.1 MEDIUM
An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 5 of 6.
CVE-2022-44029 1 Netscout 1 Ngeniusone 2023-02-03 N/A 6.1 MEDIUM
An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 6 of 6.
CVE-2022-44026 1 Netscout 1 Ngeniusone 2023-02-03 N/A 6.1 MEDIUM
An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 3 of 6.
CVE-2022-44024 1 Netscout 1 Ngeniusone 2023-02-03 N/A 6.1 MEDIUM
An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 1 of 6.
CVE-2021-35202 1 Netscout 1 Ngeniusone 2022-07-12 4.3 MEDIUM 4.3 MEDIUM
NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Authorization Bypass (to access an endpoint) in FDSQueryService.
CVE-2021-45983 1 Netscout 1 Ngeniusone 2022-06-13 7.5 HIGH 9.8 CRITICAL
NetScout nGeniusONE 6.3.2 allows Java RMI Code Execution.
CVE-2021-45981 1 Netscout 1 Ngeniusone 2022-06-13 7.5 HIGH 9.8 CRITICAL
NetScout nGeniusONE 6.3.2 allows an XML External Entity (XXE) attack.
CVE-2021-35203 1 Netscout 1 Ngeniusone 2021-10-04 3.5 LOW 5.7 MEDIUM
NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Arbitrary File Read operations via the FDSQueryService endpoint.
CVE-2021-35201 1 Netscout 1 Ngeniusone 2021-10-04 4.3 MEDIUM 6.5 MEDIUM
NEI in NETSCOUT nGeniusONE 6.3.0 build 1196 allows XML External Entity (XXE) attacks.
CVE-2021-35205 1 Netscout 1 Ngeniusone 2021-10-04 4.9 MEDIUM 5.4 MEDIUM
NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 allows URL redirection in redirector.
CVE-2021-35204 1 Netscout 1 Ngeniusone 2021-10-04 3.5 LOW 5.4 MEDIUM
NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Reflected Cross-Site Scripting (XSS) in the support endpoint.
CVE-2021-35200 1 Netscout 1 Ngeniusone 2021-10-04 3.5 LOW 4.8 MEDIUM
NETSCOUT nGeniusONE 6.3.0 build 1196 allows high-privileged users to achieve Stored Cross-Site Scripting (XSS) in FDSQueryService.
CVE-2021-35199 1 Netscout 1 Ngeniusone 2021-10-04 3.5 LOW 5.4 MEDIUM
NETSCOUT nGeniusONE 6.3.0 build 1196 and earlier allows Stored Cross-Site Scripting (XSS) in UploadFile.
CVE-2021-35198 1 Netscout 1 Ngeniusone 2021-10-04 3.5 LOW 5.4 MEDIUM
NETSCOUT nGeniusONE 6.3.0 build 1004 and earlier allows Stored Cross-Site Scripting (XSS) in the Packet Analysis module.
CVE-2020-28251 1 Netscout 7 Airmagnet Enterprise, Sensor4-r1s1w1-e, Sensor4-r2s1-e and 4 more 2021-07-21 9.3 HIGH 8.1 HIGH
NETSCOUT AirMagnet Enterprise 11.1.4 build 37257 and earlier has a sensor escalated privileges vulnerability that can be exploited to provide someone with administrative access to a sensor, with credentials to invoke a command to provide root access to the operating system. The attacker must complete a straightforward password-cracking exercise.