Lucene search

Ngeniusone Security Vulnerabilities

cve

CVE-2021-35198

NETSCOUT nGeniusONE 6.3.0 build 1004 and earlier allows Stored Cross-Site Scripting (XSS) in the Packet Analysis module.

5.4CVSS

5.2AI Score

0.001EPSS

2021-09-30 06:15 PM

cve

CVE-2021-35199

NETSCOUT nGeniusONE 6.3.0 build 1196 and earlier allows Stored Cross-Site Scripting (XSS) in UploadFile.

5.4CVSS

5.2AI Score

0.001EPSS

2021-09-30 06:15 PM

cve

CVE-2021-35200

NETSCOUT nGeniusONE 6.3.0 build 1196 allows high-privileged users to achieve Stored Cross-Site Scripting (XSS) in FDSQueryService.

4.8CVSS

4.8AI Score

0.001EPSS

2021-09-30 06:15 PM

cve

CVE-2021-35201

NEI in NETSCOUT nGeniusONE 6.3.0 build 1196 allows XML External Entity (XXE) attacks.

6.5CVSS

6.4AI Score

0.002EPSS

2021-09-30 06:15 PM

cve

CVE-2021-35202

NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Authorization Bypass (to access an endpoint) in FDSQueryService.

4.3CVSS

4.6AI Score

0.001EPSS

2021-09-30 06:15 PM

cve

CVE-2021-35203

NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Arbitrary File Read operations via the FDSQueryService endpoint.

5.7CVSS

5.6AI Score

0.001EPSS

2021-09-30 06:15 PM

cve

CVE-2021-35204

NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Reflected Cross-Site Scripting (XSS) in the support endpoint.

5.4CVSS

5.3AI Score

0.001EPSS

2021-09-30 06:15 PM

cve

CVE-2021-35205

NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 allows URL redirection in redirector.

5.4CVSS

5.5AI Score

0.001EPSS

2021-09-30 06:15 PM

cve

CVE-2021-45981

NetScout nGeniusONE 6.3.2 allows an XML External Entity (XXE) attack.

9.8CVSS

9.4AI Score

0.002EPSS

2022-06-02 06:15 PM

cve

CVE-2021-45982

NetScout nGeniusONE 6.3.2 allows Arbitrary File Upload by a privileged user.

8.8CVSS

8.5AI Score

0.001EPSS

2022-06-02 06:15 PM

cve

CVE-2021-45983

NetScout nGeniusONE 6.3.2 allows Java RMI Code Execution.

9.8CVSS

9.4AI Score

0.002EPSS

2022-06-02 06:15 PM

cve

CVE-2022-44024

An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 1 of 6.

6.1CVSS

6.1AI Score

0.001EPSS

2023-01-27 02:15 PM

cve

CVE-2022-44025

An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 2 of 6.

6.1CVSS

6.1AI Score

0.001EPSS

2023-01-27 02:15 PM

cve

CVE-2022-44026

An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 3 of 6.

6.1CVSS

6.1AI Score

0.001EPSS

2023-01-27 02:15 PM

cve

CVE-2022-44027

An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 4 of 6.

6.1CVSS

6.1AI Score

0.001EPSS

2023-01-27 02:15 PM

cve

CVE-2022-44028

An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 5 of 6.

6.1CVSS

6.1AI Score

0.001EPSS

2023-01-27 02:15 PM

cve

CVE-2022-44029

An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 6 of 6.

6.1CVSS

6.1AI Score

0.001EPSS

2023-01-27 02:15 PM

cve

CVE-2022-44715

Improper File Permissions in NetScout nGeniusONE 6.3.2 build 904 allows authenticated remote users to gain permissions via a crafted payload.

8.8CVSS

8.4AI Score

0.002EPSS

2023-01-27 02:15 PM

cve

CVE-2022-44717

An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 1 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. The attack vector is Network, and the Attack C...

3.1CVSS

4AI Score

0.001EPSS

2023-01-27 02:15 PM

cve

CVE-2022-44718

An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 2 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. The attack vector is Network, and the Attack C...

3.5CVSS

4AI Score

0.001EPSS

2023-01-27 02:15 PM

cve

CVE-2023-26998

Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the creator parameter of the Alert Configuration page.

5.4CVSS

5.8AI Score

0.001EPSS

2024-01-09 02:15 AM

cve

CVE-2023-26999

An issue found in NetScout nGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted file.

9.8CVSS

9.3AI Score

0.004EPSS

2024-01-09 02:15 AM

cve

CVE-2023-27000

Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the name parameter of the Profile and Exclusion List page(s).

6.1CVSS

6.4AI Score

0.002EPSS

2024-01-09 02:15 AM

cve

CVE-2023-41168

NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability (issue 1 of 4).

5.4CVSS

5.3AI Score

0.0004EPSS

2023-12-07 06:15 PM

cve

CVE-2023-41169

NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability (issue 2 of 4).

5.4CVSS

5.3AI Score

0.0004EPSS

2023-12-07 06:15 PM

cve

CVE-2023-41170

NetScout nGeniusONE 6.3.4 build 2298 allows a Reflected Cross-Site scripting vulnerability.

6.1CVSS

6.2AI Score

0.0005EPSS

2023-12-07 06:15 PM

cve

CVE-2023-41171

NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability (issue 3 of 4).

5.4CVSS

5.3AI Score

0.0004EPSS

2023-12-07 06:15 PM

cve

CVE-2023-41172

NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability (issue 4 of 4).

5.4CVSS

5.3AI Score

0.0004EPSS

2023-12-07 06:15 PM

cve

CVE-2023-41905

NETSCOUT nGeniusONE 6.3.4 build 2298 allows a Reflected Cross-Site scripting (XSS) vulnerability by an authenticated user.

5.4CVSS

5.3AI Score

0.0004EPSS

2023-12-07 06:15 PM