Netscout Ngeniusone
36 CVEs affecting Netscout Ngeniusone. Latest disclosed: 2025-04-25. Critical: 4, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-32985 | Critical | 9.8 | 2025-04-25 | NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR files. |
CVE-2023-26999 | Critical | 9.8 | 2024-01-09 | An issue found in NetScout nGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted file. |
CVE-2021-45983 | Critical | 9.8 | 2022-06-02 | NetScout nGeniusONE 6.3.2 allows Java RMI Code Execution. |
CVE-2021-45981 | Critical | 9.8 | 2022-06-02 | NetScout nGeniusONE 6.3.2 allows an XML External Entity (XXE) attack. |
CVE-2022-44715 | High | 8.8 | 2023-01-27 | Improper File Permissions in NetScout nGeniusONE 6.3.2 build 904 allows authenticated remote users to gain permissions via a crafted payload. |
CVE-2021-45982 | High | 8.8 | 2022-06-02 | NetScout nGeniusONE 6.3.2 allows Arbitrary File Upload by a privileged user. |
CVE-2025-32986 | High | 7.5 | 2025-04-25 | NETSCOUT nGeniusONE before 6.4.0 b2350 has a Sensitive File Accessible Without Proper Authentication to an endpoint. |
CVE-2025-32983 | High | 7.5 | 2025-04-25 | NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace. |
CVE-2025-32982 | High | 7.5 | 2025-04-25 | NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module. |
CVE-2025-32981 | High | 7.1 | 2025-04-25 | NETSCOUT nGeniusONE before 6.4.0 b2350 allows local users to leverage Insecure Permissions for the nGeniusCLI File. |
CVE-2025-32979 | Medium | 6.5 | 2025-04-25 | NETSCOUT nGeniusONE before 6.4.0 b2350 allows Arbitrary File Creation by authenticated users. |
CVE-2021-35201 | Medium | 6.5 | 2021-09-30 | NEI in NETSCOUT nGeniusONE 6.3.0 build 1196 allows XML External Entity (XXE) attacks. |
CVE-2025-32984 | Medium | 6.1 | 2025-04-25 | NETSCOUT nGeniusONE before 6.4.0 b2350 allows Stored Cross-Site Scripting (XSS) via a certain POST parameter. |
CVE-2023-27000 | Medium | 6.1 | 2024-01-09 | Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the name parameter of the Profile… |
CVE-2023-41170 | Medium | 6.1 | 2023-12-07 | NetScout nGeniusONE 6.3.4 build 2298 allows a Reflected Cross-Site scripting vulnerability. |
CVE-2022-44029 | Medium | 6.1 | 2023-01-27 | An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 6 of 6. |
CVE-2022-44028 | Medium | 6.1 | 2023-01-27 | An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 5 of 6. |
CVE-2022-44027 | Medium | 6.1 | 2023-01-27 | An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 4 of 6. |
CVE-2022-44026 | Medium | 6.1 | 2023-01-27 | An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 3 of 6. |
CVE-2022-44025 | Medium | 6.1 | 2023-01-27 | An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 2 of 6. |