Filtered by vendor Netscout
Subscribe
Total
21 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-44718 | 1 Netscout | 1 Ngeniusone | 2023-02-07 | N/A | 3.5 LOW |
An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 2 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. The attack vector is Network, and the Attack Complexity required is High. Privileges required are administrator, User Interaction is required, and Scope is unchanged. The user must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. | |||||
CVE-2022-44717 | 1 Netscout | 1 Ngeniusone | 2023-02-07 | N/A | 3.1 LOW |
An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 1 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. The attack vector is Network, and the Attack Complexity required is High. Privileges required are administrator, User Interaction is required, and Scope is unchanged. The user must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. | |||||
CVE-2022-44715 | 1 Netscout | 1 Ngeniusone | 2023-02-06 | N/A | 8.8 HIGH |
Improper File Permissions in NetScout nGeniusONE 6.3.2 build 904 allows authenticated remote users to gain permissions via a crafted payload. | |||||
CVE-2022-44027 | 1 Netscout | 1 Ngeniusone | 2023-02-03 | N/A | 6.1 MEDIUM |
An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 4 of 6. | |||||
CVE-2022-44025 | 1 Netscout | 1 Ngeniusone | 2023-02-03 | N/A | 6.1 MEDIUM |
An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 2 of 6. | |||||
CVE-2022-44028 | 1 Netscout | 1 Ngeniusone | 2023-02-03 | N/A | 6.1 MEDIUM |
An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 5 of 6. | |||||
CVE-2022-44029 | 1 Netscout | 1 Ngeniusone | 2023-02-03 | N/A | 6.1 MEDIUM |
An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 6 of 6. | |||||
CVE-2022-44026 | 1 Netscout | 1 Ngeniusone | 2023-02-03 | N/A | 6.1 MEDIUM |
An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 3 of 6. | |||||
CVE-2022-44024 | 1 Netscout | 1 Ngeniusone | 2023-02-03 | N/A | 6.1 MEDIUM |
An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 1 of 6. | |||||
CVE-2021-35202 | 1 Netscout | 1 Ngeniusone | 2022-07-12 | 4.3 MEDIUM | 4.3 MEDIUM |
NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Authorization Bypass (to access an endpoint) in FDSQueryService. | |||||
CVE-2021-45983 | 1 Netscout | 1 Ngeniusone | 2022-06-13 | 7.5 HIGH | 9.8 CRITICAL |
NetScout nGeniusONE 6.3.2 allows Java RMI Code Execution. | |||||
CVE-2021-45981 | 1 Netscout | 1 Ngeniusone | 2022-06-13 | 7.5 HIGH | 9.8 CRITICAL |
NetScout nGeniusONE 6.3.2 allows an XML External Entity (XXE) attack. | |||||
CVE-2021-35203 | 1 Netscout | 1 Ngeniusone | 2021-10-04 | 3.5 LOW | 5.7 MEDIUM |
NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Arbitrary File Read operations via the FDSQueryService endpoint. | |||||
CVE-2021-35201 | 1 Netscout | 1 Ngeniusone | 2021-10-04 | 4.3 MEDIUM | 6.5 MEDIUM |
NEI in NETSCOUT nGeniusONE 6.3.0 build 1196 allows XML External Entity (XXE) attacks. | |||||
CVE-2021-35205 | 1 Netscout | 1 Ngeniusone | 2021-10-04 | 4.9 MEDIUM | 5.4 MEDIUM |
NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 allows URL redirection in redirector. | |||||
CVE-2021-35204 | 1 Netscout | 1 Ngeniusone | 2021-10-04 | 3.5 LOW | 5.4 MEDIUM |
NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Reflected Cross-Site Scripting (XSS) in the support endpoint. | |||||
CVE-2021-35200 | 1 Netscout | 1 Ngeniusone | 2021-10-04 | 3.5 LOW | 4.8 MEDIUM |
NETSCOUT nGeniusONE 6.3.0 build 1196 allows high-privileged users to achieve Stored Cross-Site Scripting (XSS) in FDSQueryService. | |||||
CVE-2021-35199 | 1 Netscout | 1 Ngeniusone | 2021-10-04 | 3.5 LOW | 5.4 MEDIUM |
NETSCOUT nGeniusONE 6.3.0 build 1196 and earlier allows Stored Cross-Site Scripting (XSS) in UploadFile. | |||||
CVE-2021-35198 | 1 Netscout | 1 Ngeniusone | 2021-10-04 | 3.5 LOW | 5.4 MEDIUM |
NETSCOUT nGeniusONE 6.3.0 build 1004 and earlier allows Stored Cross-Site Scripting (XSS) in the Packet Analysis module. | |||||
CVE-2020-28251 | 1 Netscout | 7 Airmagnet Enterprise, Sensor4-r1s1w1-e, Sensor4-r2s1-e and 4 more | 2021-07-21 | 9.3 HIGH | 8.1 HIGH |
NETSCOUT AirMagnet Enterprise 11.1.4 build 37257 and earlier has a sensor escalated privileges vulnerability that can be exploited to provide someone with administrative access to a sensor, with credentials to invoke a command to provide root access to the operating system. The attacker must complete a straightforward password-cracking exercise. |