Netscout Ngeniusone

36 CVEs affecting Netscout Ngeniusone. Latest disclosed: 2025-04-25. Critical: 4, High: 6.

Top CVEs affecting Netscout Ngeniusone
CVESeverityScorePublishedSummary
CVE-2025-32985Critical9.82025-04-25NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR files.
CVE-2023-26999Critical9.82024-01-09An issue found in NetScout nGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted file.
CVE-2021-45983Critical9.82022-06-02NetScout nGeniusONE 6.3.2 allows Java RMI Code Execution.
CVE-2021-45981Critical9.82022-06-02NetScout nGeniusONE 6.3.2 allows an XML External Entity (XXE) attack.
CVE-2022-44715High8.82023-01-27Improper File Permissions in NetScout nGeniusONE 6.3.2 build 904 allows authenticated remote users to gain permissions via a crafted payload.
CVE-2021-45982High8.82022-06-02NetScout nGeniusONE 6.3.2 allows Arbitrary File Upload by a privileged user.
CVE-2025-32986High7.52025-04-25NETSCOUT nGeniusONE before 6.4.0 b2350 has a Sensitive File Accessible Without Proper Authentication to an endpoint.
CVE-2025-32983High7.52025-04-25NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace.
CVE-2025-32982High7.52025-04-25NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module.
CVE-2025-32981High7.12025-04-25NETSCOUT nGeniusONE before 6.4.0 b2350 allows local users to leverage Insecure Permissions for the nGeniusCLI File.
CVE-2025-32979Medium6.52025-04-25NETSCOUT nGeniusONE before 6.4.0 b2350 allows Arbitrary File Creation by authenticated users.
CVE-2021-35201Medium6.52021-09-30NEI in NETSCOUT nGeniusONE 6.3.0 build 1196 allows XML External Entity (XXE) attacks.
CVE-2025-32984Medium6.12025-04-25NETSCOUT nGeniusONE before 6.4.0 b2350 allows Stored Cross-Site Scripting (XSS) via a certain POST parameter.
CVE-2023-27000Medium6.12024-01-09Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the name parameter of the Profile…
CVE-2023-41170Medium6.12023-12-07NetScout nGeniusONE 6.3.4 build 2298 allows a Reflected Cross-Site scripting vulnerability.
CVE-2022-44029Medium6.12023-01-27An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 6 of 6.
CVE-2022-44028Medium6.12023-01-27An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 5 of 6.
CVE-2022-44027Medium6.12023-01-27An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 4 of 6.
CVE-2022-44026Medium6.12023-01-27An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 3 of 6.
CVE-2022-44025Medium6.12023-01-27An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 2 of 6.