Filtered by vendor Netscout
Subscribe
Total
33 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-44718 | 1 Netscout | 1 Ngeniusone | 2023-12-10 | N/A | 3.5 LOW |
| An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 2 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. The attack vector is Network, and the Attack Complexity required is High. Privileges required are administrator, User Interaction is required, and Scope is unchanged. The user must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. | |||||
| CVE-2021-45983 | 1 Netscout | 1 Ngeniusone | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| NetScout nGeniusONE 6.3.2 allows Java RMI Code Execution. | |||||
| CVE-2021-45981 | 1 Netscout | 1 Ngeniusone | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| NetScout nGeniusONE 6.3.2 allows an XML External Entity (XXE) attack. | |||||
| CVE-2021-35199 | 1 Netscout | 1 Ngeniusone | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
| NETSCOUT nGeniusONE 6.3.0 build 1196 and earlier allows Stored Cross-Site Scripting (XSS) in UploadFile. | |||||
| CVE-2021-35201 | 1 Netscout | 1 Ngeniusone | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| NEI in NETSCOUT nGeniusONE 6.3.0 build 1196 allows XML External Entity (XXE) attacks. | |||||
| CVE-2021-35204 | 1 Netscout | 1 Ngeniusone | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
| NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Reflected Cross-Site Scripting (XSS) in the support endpoint. | |||||
| CVE-2021-35198 | 1 Netscout | 1 Ngeniusone | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
| NETSCOUT nGeniusONE 6.3.0 build 1004 and earlier allows Stored Cross-Site Scripting (XSS) in the Packet Analysis module. | |||||
| CVE-2021-35202 | 1 Netscout | 1 Ngeniusone | 2023-12-10 | 4.3 MEDIUM | 4.3 MEDIUM |
| NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Authorization Bypass (to access an endpoint) in FDSQueryService. | |||||
| CVE-2021-35203 | 1 Netscout | 1 Ngeniusone | 2023-12-10 | 3.5 LOW | 5.7 MEDIUM |
| NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Arbitrary File Read operations via the FDSQueryService endpoint. | |||||
| CVE-2021-35205 | 1 Netscout | 1 Ngeniusone | 2023-12-10 | 4.9 MEDIUM | 5.4 MEDIUM |
| NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 allows URL redirection in redirector. | |||||
| CVE-2021-35200 | 1 Netscout | 1 Ngeniusone | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
| NETSCOUT nGeniusONE 6.3.0 build 1196 allows high-privileged users to achieve Stored Cross-Site Scripting (XSS) in FDSQueryService. | |||||
| CVE-2020-28251 | 1 Netscout | 7 Airmagnet Enterprise, Sensor4-r1s1w1-e, Sensor4-r2s1-e and 4 more | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
| NETSCOUT AirMagnet Enterprise 11.1.4 build 37257 and earlier has a sensor escalated privileges vulnerability that can be exploited to provide someone with administrative access to a sensor, with credentials to invoke a command to provide root access to the operating system. The attacker must complete a straightforward password-cracking exercise. | |||||
| CVE-2008-6701 | 1 Netscout | 2 Ngenius Infinistream, Visualizer | 2023-12-10 | 7.5 HIGH | N/A |
| NetScout (formerly Network General) Visualizer V2100 and InfiniStream i1730 do not restrict access to ResourceManager/en_US/domains/add_domain.jsp, which allows remote attackers to gain administrator privileges via a direct request. | |||||