Vulnerabilities > Netscout > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-01-09 CVE-2023-26999 XXE vulnerability in Netscout Ngeniusone 6.3.4
An issue found in NetScout nGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted file.
network
low complexity
netscout CWE-611
critical
9.8
2023-12-07 CVE-2023-40300 Use of Hard-coded Credentials vulnerability in Netscout Ngeniuspulse 3.8.00.2349.0
NETSCOUT nGeniusPULSE 3.8 has a Hardcoded Cryptographic Key.
network
low complexity
netscout CWE-798
critical
9.8
2023-12-07 CVE-2023-40301 Command Injection vulnerability in Netscout Ngeniuspulse 3.8.00.2349.0
NETSCOUT nGeniusPULSE 3.8 has a Command Injection Vulnerability.
network
low complexity
netscout CWE-77
critical
9.8
2023-12-07 CVE-2023-40302 Incorrect Permission Assignment for Critical Resource vulnerability in Netscout Ngeniuspulse 3.8.00.2349.0
NETSCOUT nGeniusPULSE 3.8 has Weak File Permissions Vulnerability
network
low complexity
netscout CWE-732
critical
9.1
2022-06-02 CVE-2021-45981 XXE vulnerability in Netscout Ngeniusone 6.3.2
NetScout nGeniusONE 6.3.2 allows an XML External Entity (XXE) attack.
network
low complexity
netscout CWE-611
critical
9.8
2022-06-02 CVE-2021-45983 Unspecified vulnerability in Netscout Ngeniusone 6.3.2
NetScout nGeniusONE 6.3.2 allows Java RMI Code Execution.
network
low complexity
netscout
critical
9.8