Vulnerabilities > Netscout > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-01-09 CVE-2023-26999 XXE vulnerability in Netscout Ngeniusone 6.3.4
An issue found in NetScout nGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted file.
network
low complexity
netscout CWE-611
critical
9.8
2023-12-07 CVE-2023-40300 Use of Hard-coded Credentials vulnerability in Netscout Ngeniuspulse 3.8.00.2349.0
NETSCOUT nGeniusPULSE 3.8 has a Hardcoded Cryptographic Key.
network
low complexity
netscout CWE-798
critical
9.8
2023-12-07 CVE-2023-40301 Command Injection vulnerability in Netscout Ngeniuspulse 3.8.00.2349.0
NETSCOUT nGeniusPULSE 3.8 has a Command Injection Vulnerability.
network
low complexity
netscout CWE-77
critical
9.8
2023-12-07 CVE-2023-40302 Incorrect Permission Assignment for Critical Resource vulnerability in Netscout Ngeniuspulse 3.8.00.2349.0
NETSCOUT nGeniusPULSE 3.8 has Weak File Permissions Vulnerability
network
low complexity
netscout CWE-732
critical
9.1
2022-06-02 CVE-2021-45983 Unspecified vulnerability in Netscout Ngeniusone 6.3.2
NetScout nGeniusONE 6.3.2 allows Java RMI Code Execution.
network
low complexity
netscout
critical
9.8
2020-12-03 CVE-2020-28251 Improper Privilege Management vulnerability in Netscout Airmagnet Enterprise 11.1.4
NETSCOUT AirMagnet Enterprise 11.1.4 build 37257 and earlier has a sensor escalated privileges vulnerability that can be exploited to provide someone with administrative access to a sensor, with credentials to invoke a command to provide root access to the operating system.
network
netscout CWE-269
critical
9.3