Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    105 vulnerabilities by netscout

    CVE-2025-32986 (GCVE-0-2025-32986)

    Vulnerability from nvd – Published: 2025-04-25 00:00 – Updated: 2025-04-29 15:50
    VLAI
    Summary
    NETSCOUT nGeniusONE before 6.4.0 b2350 has a Sensitive File Accessible Without Proper Authentication to an endpoint.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-32986",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-29T15:49:58.360312Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-200",
                    "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-29T15:50:35.036Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NETSCOUT nGeniusONE before 6.4.0 b2350 has a Sensitive File Accessible Without Proper Authentication to an endpoint."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-25T20:53:49.634Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.netscout.com/securityadvisories"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-32986",
        "datePublished": "2025-04-25T00:00:00.000Z",
        "dateReserved": "2025-04-15T00:00:00.000Z",
        "dateUpdated": "2025-04-29T15:50:35.036Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-32985 (GCVE-0-2025-32985)

    Vulnerability from nvd – Published: 2025-04-25 00:00 – Updated: 2025-04-29 15:48
    VLAI
    Summary
    NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR files.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-798 - Use of Hard-coded Credentials
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.8,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-32985",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-29T15:47:25.381383Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-798",
                    "description": "CWE-798 Use of Hard-coded Credentials",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-29T15:48:06.307Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR files."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-25T20:53:33.734Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.netscout.com/securityadvisories"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-32985",
        "datePublished": "2025-04-25T00:00:00.000Z",
        "dateReserved": "2025-04-15T00:00:00.000Z",
        "dateUpdated": "2025-04-29T15:48:06.307Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-32984 (GCVE-0-2025-32984)

    Vulnerability from nvd – Published: 2025-04-25 00:00 – Updated: 2025-04-25 21:43
    VLAI
    Summary
    NETSCOUT nGeniusONE before 6.4.0 b2350 allows Stored Cross-Site Scripting (XSS) via a certain POST parameter.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.1,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "CHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-32984",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-25T21:42:39.236658Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-79",
                    "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-25T21:43:04.857Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NETSCOUT nGeniusONE before 6.4.0 b2350 allows Stored Cross-Site Scripting (XSS) via a certain POST parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-25T20:53:22.406Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.netscout.com/securityadvisories"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-32984",
        "datePublished": "2025-04-25T00:00:00.000Z",
        "dateReserved": "2025-04-15T00:00:00.000Z",
        "dateUpdated": "2025-04-25T21:43:04.857Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-32983 (GCVE-0-2025-32983)

    Vulnerability from nvd – Published: 2025-04-25 00:00 – Updated: 2025-04-25 21:45
    VLAI
    Summary
    NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-32983",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-25T21:43:40.845909Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-200",
                    "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-25T21:45:22.039Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-25T20:51:46.117Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.netscout.com/securityadvisories"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-32983",
        "datePublished": "2025-04-25T00:00:00.000Z",
        "dateReserved": "2025-04-15T00:00:00.000Z",
        "dateUpdated": "2025-04-25T21:45:22.039Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-32982 (GCVE-0-2025-32982)

    Vulnerability from nvd – Published: 2025-04-25 00:00 – Updated: 2025-04-29 15:46
    VLAI
    Summary
    NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-285 - Improper Authorization
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-32982",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-29T15:43:18.753242Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-285",
                    "description": "CWE-285 Improper Authorization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-29T15:46:42.693Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-25T20:51:23.130Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.netscout.com/securityadvisories"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-32982",
        "datePublished": "2025-04-25T00:00:00.000Z",
        "dateReserved": "2025-04-15T00:00:00.000Z",
        "dateUpdated": "2025-04-29T15:46:42.693Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-32981 (GCVE-0-2025-32981)

    Vulnerability from nvd – Published: 2025-04-25 00:00 – Updated: 2025-04-29 15:39
    VLAI
    Summary
    NETSCOUT nGeniusONE before 6.4.0 b2350 allows local users to leverage Insecure Permissions for the nGeniusCLI File.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-276 - Incorrect Default Permissions
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.1,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-32981",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-29T15:35:53.640611Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-276",
                    "description": "CWE-276 Incorrect Default Permissions",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-29T15:39:09.890Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NETSCOUT nGeniusONE before 6.4.0 b2350 allows local users to leverage Insecure Permissions for the nGeniusCLI File."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-25T20:51:01.007Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.netscout.com/securityadvisories"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-32981",
        "datePublished": "2025-04-25T00:00:00.000Z",
        "dateReserved": "2025-04-15T00:00:00.000Z",
        "dateUpdated": "2025-04-29T15:39:09.890Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-32979 (GCVE-0-2025-32979)

    Vulnerability from nvd – Published: 2025-04-25 00:00 – Updated: 2025-04-29 15:32
    VLAI
    Summary
    NETSCOUT nGeniusONE before 6.4.0 b2350 allows Arbitrary File Creation by authenticated users.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-378 - Creation of Temporary File With Insecure Permissions
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-32979",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-29T15:31:06.214854Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-378",
                    "description": "CWE-378 Creation of Temporary File With Insecure Permissions",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-29T15:32:24.768Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NETSCOUT nGeniusONE before 6.4.0 b2350 allows Arbitrary File Creation by authenticated users."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-25T20:49:58.570Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.netscout.com/securityadvisories"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-32979",
        "datePublished": "2025-04-25T00:00:00.000Z",
        "dateReserved": "2025-04-15T00:00:00.000Z",
        "dateUpdated": "2025-04-29T15:32:24.768Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-27000 (GCVE-0-2023-27000)

    Vulnerability from nvd – Published: 2024-01-09 00:00 – Updated: 2026-07-09 00:24
    VLAI
    Summary
    Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the name parameter of the Profile and Exclusion List page(s).
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-07-09T00:24:24.264Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.1,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "CHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-27000",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-10T15:41:12.694211Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-79",
                    "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-18T16:56:47.292Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the name parameter of the Profile and Exclusion List page(s)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-05T16:01:15.395Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-27000",
        "datePublished": "2024-01-09T00:00:00.000Z",
        "dateReserved": "2023-02-27T00:00:00.000Z",
        "dateUpdated": "2026-07-09T00:24:24.264Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-26999 (GCVE-0-2023-26999)

    Vulnerability from nvd – Published: 2024-01-09 00:00 – Updated: 2026-07-09 00:24
    VLAI
    Summary
    An issue found in NetScout nGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted file.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-611 - Improper Restriction of XML External Entity Reference
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-07-09T00:24:23.023Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.8,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-26999",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-14T17:26:28.485423Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-611",
                    "description": "CWE-611 Improper Restriction of XML External Entity Reference",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-16T18:29:57.397Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue found in NetScout nGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-05T16:01:11.057Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-26999",
        "datePublished": "2024-01-09T00:00:00.000Z",
        "dateReserved": "2023-02-27T00:00:00.000Z",
        "dateUpdated": "2026-07-09T00:24:23.023Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-26998 (GCVE-0-2023-26998)

    Vulnerability from nvd – Published: 2024-01-09 00:00 – Updated: 2026-07-09 00:24
    VLAI
    Summary
    Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the creator parameter of the Alert Configuration page.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-07-09T00:24:21.781Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "LOW",
                  "scope": "CHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-26998",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T17:25:45.337171Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-79",
                    "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-03T14:34:16.509Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the creator parameter of the Alert Configuration page."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-05T16:01:01.697Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-26998",
        "datePublished": "2024-01-09T00:00:00.000Z",
        "dateReserved": "2023-02-27T00:00:00.000Z",
        "dateUpdated": "2026-07-09T00:24:21.781Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-32981 (GCVE-0-2025-32981)

    Vulnerability from cvelistv5 – Published: 2025-04-25 00:00 – Updated: 2025-04-29 15:39
    VLAI
    Summary
    NETSCOUT nGeniusONE before 6.4.0 b2350 allows local users to leverage Insecure Permissions for the nGeniusCLI File.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-276 - Incorrect Default Permissions
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.1,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-32981",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-29T15:35:53.640611Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-276",
                    "description": "CWE-276 Incorrect Default Permissions",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-29T15:39:09.890Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NETSCOUT nGeniusONE before 6.4.0 b2350 allows local users to leverage Insecure Permissions for the nGeniusCLI File."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-25T20:51:01.007Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.netscout.com/securityadvisories"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-32981",
        "datePublished": "2025-04-25T00:00:00.000Z",
        "dateReserved": "2025-04-15T00:00:00.000Z",
        "dateUpdated": "2025-04-29T15:39:09.890Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-32982 (GCVE-0-2025-32982)

    Vulnerability from cvelistv5 – Published: 2025-04-25 00:00 – Updated: 2025-04-29 15:46
    VLAI
    Summary
    NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-285 - Improper Authorization
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-32982",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-29T15:43:18.753242Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-285",
                    "description": "CWE-285 Improper Authorization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-29T15:46:42.693Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-25T20:51:23.130Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.netscout.com/securityadvisories"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-32982",
        "datePublished": "2025-04-25T00:00:00.000Z",
        "dateReserved": "2025-04-15T00:00:00.000Z",
        "dateUpdated": "2025-04-29T15:46:42.693Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-32983 (GCVE-0-2025-32983)

    Vulnerability from cvelistv5 – Published: 2025-04-25 00:00 – Updated: 2025-04-25 21:45
    VLAI
    Summary
    NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-32983",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-25T21:43:40.845909Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-200",
                    "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-25T21:45:22.039Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-25T20:51:46.117Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.netscout.com/securityadvisories"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-32983",
        "datePublished": "2025-04-25T00:00:00.000Z",
        "dateReserved": "2025-04-15T00:00:00.000Z",
        "dateUpdated": "2025-04-25T21:45:22.039Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-32985 (GCVE-0-2025-32985)

    Vulnerability from cvelistv5 – Published: 2025-04-25 00:00 – Updated: 2025-04-29 15:48
    VLAI
    Summary
    NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR files.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-798 - Use of Hard-coded Credentials
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.8,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-32985",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-29T15:47:25.381383Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-798",
                    "description": "CWE-798 Use of Hard-coded Credentials",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-29T15:48:06.307Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR files."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-25T20:53:33.734Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.netscout.com/securityadvisories"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-32985",
        "datePublished": "2025-04-25T00:00:00.000Z",
        "dateReserved": "2025-04-15T00:00:00.000Z",
        "dateUpdated": "2025-04-29T15:48:06.307Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-32986 (GCVE-0-2025-32986)

    Vulnerability from cvelistv5 – Published: 2025-04-25 00:00 – Updated: 2025-04-29 15:50
    VLAI
    Summary
    NETSCOUT nGeniusONE before 6.4.0 b2350 has a Sensitive File Accessible Without Proper Authentication to an endpoint.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-32986",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-29T15:49:58.360312Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-200",
                    "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-29T15:50:35.036Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NETSCOUT nGeniusONE before 6.4.0 b2350 has a Sensitive File Accessible Without Proper Authentication to an endpoint."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-25T20:53:49.634Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.netscout.com/securityadvisories"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-32986",
        "datePublished": "2025-04-25T00:00:00.000Z",
        "dateReserved": "2025-04-15T00:00:00.000Z",
        "dateUpdated": "2025-04-29T15:50:35.036Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-32979 (GCVE-0-2025-32979)

    Vulnerability from cvelistv5 – Published: 2025-04-25 00:00 – Updated: 2025-04-29 15:32
    VLAI
    Summary
    NETSCOUT nGeniusONE before 6.4.0 b2350 allows Arbitrary File Creation by authenticated users.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-378 - Creation of Temporary File With Insecure Permissions
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-32979",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-29T15:31:06.214854Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-378",
                    "description": "CWE-378 Creation of Temporary File With Insecure Permissions",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-29T15:32:24.768Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NETSCOUT nGeniusONE before 6.4.0 b2350 allows Arbitrary File Creation by authenticated users."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-25T20:49:58.570Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.netscout.com/securityadvisories"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-32979",
        "datePublished": "2025-04-25T00:00:00.000Z",
        "dateReserved": "2025-04-15T00:00:00.000Z",
        "dateUpdated": "2025-04-29T15:32:24.768Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-32984 (GCVE-0-2025-32984)

    Vulnerability from cvelistv5 – Published: 2025-04-25 00:00 – Updated: 2025-04-25 21:43
    VLAI
    Summary
    NETSCOUT nGeniusONE before 6.4.0 b2350 allows Stored Cross-Site Scripting (XSS) via a certain POST parameter.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.1,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "CHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-32984",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-25T21:42:39.236658Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-79",
                    "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-25T21:43:04.857Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NETSCOUT nGeniusONE before 6.4.0 b2350 allows Stored Cross-Site Scripting (XSS) via a certain POST parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-25T20:53:22.406Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.netscout.com/securityadvisories"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-32984",
        "datePublished": "2025-04-25T00:00:00.000Z",
        "dateReserved": "2025-04-15T00:00:00.000Z",
        "dateUpdated": "2025-04-25T21:43:04.857Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-27000 (GCVE-0-2023-27000)

    Vulnerability from cvelistv5 – Published: 2024-01-09 00:00 – Updated: 2026-07-09 00:24
    VLAI
    Summary
    Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the name parameter of the Profile and Exclusion List page(s).
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-07-09T00:24:24.264Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.1,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "CHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-27000",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-10T15:41:12.694211Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-79",
                    "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-18T16:56:47.292Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the name parameter of the Profile and Exclusion List page(s)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-05T16:01:15.395Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-27000",
        "datePublished": "2024-01-09T00:00:00.000Z",
        "dateReserved": "2023-02-27T00:00:00.000Z",
        "dateUpdated": "2026-07-09T00:24:24.264Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-26998 (GCVE-0-2023-26998)

    Vulnerability from cvelistv5 – Published: 2024-01-09 00:00 – Updated: 2026-07-09 00:24
    VLAI
    Summary
    Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the creator parameter of the Alert Configuration page.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-07-09T00:24:21.781Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "LOW",
                  "scope": "CHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-26998",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T17:25:45.337171Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-79",
                    "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-03T14:34:16.509Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the creator parameter of the Alert Configuration page."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-05T16:01:01.697Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-26998",
        "datePublished": "2024-01-09T00:00:00.000Z",
        "dateReserved": "2023-02-27T00:00:00.000Z",
        "dateUpdated": "2026-07-09T00:24:21.781Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-26999 (GCVE-0-2023-26999)

    Vulnerability from cvelistv5 – Published: 2024-01-09 00:00 – Updated: 2026-07-09 00:24
    VLAI
    Summary
    An issue found in NetScout nGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted file.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-611 - Improper Restriction of XML External Entity Reference
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-07-09T00:24:23.023Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.8,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-26999",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-14T17:26:28.485423Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-611",
                    "description": "CWE-611 Improper Restriction of XML External Entity Reference",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-16T18:29:57.397Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue found in NetScout nGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-05T16:01:11.057Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-26999",
        "datePublished": "2024-01-09T00:00:00.000Z",
        "dateReserved": "2023-02-27T00:00:00.000Z",
        "dateUpdated": "2026-07-09T00:24:23.023Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    VAR-200202-0006

    Vulnerability from variot - Updated: 2024-07-23 22:34

    Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ SNMP Protocol is status and performance information MIB (Management Information Base) Protocol used to exchange Management side SNMP Managers such as managed routers, switches and printers SNMP Communicates with management network devices called agents. Because of its wide acceptance in the market, SNMP Has become the standard for SNMP protocol version1 Is SNMPv1 Is the most widely implemented. this SNMPv1 Sent from the agent to the manager in the implementation of SNMP Trap message and sent from the manager to the agent SNMP Decrypt the request message / There are problems in interpreting. If this problem is used by an attacker, the following actions may be executed. Many other programs that you implement may also be affected because of a protocol problem. On the target host SNMP If the service is running, an attacker could execute arbitrary code ・ If a buffer overflow attack is feasible and a very long trap message SNMP If the host on which the service is running receives, the application may go into a denial of service state The effects described above vary from application to application. For details, refer to each product.Please refer to the “Overview” for the impact of this vulnerability. Windows 95 is prone to a denial-of-service vulnerability. MPE/iX is an Internet-ready operating system for the HP e3000 class servers. It is possible to crash the service by transmitting to it a maliciously constructed SNMPv1 request PDU. It was previously known as UCD-SNMP. They typically notify the manager that some event has occured or otherwise provide information about the status of the agent. Multiple vulnerabilities have been discovered in a number of SNMP implementations. The vulnerabilities are known to exist in the process of decoding and interpreting SNMP trap messages. Among the possible consequences are denial of service and allowing attackers to compromise target systems. These depend on the individual vulnerabilities in each affected product. HP has confirmed that large traps will cause OpenView Network Node Manager to crash. This may be due to an exploitable buffer overflow condition

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200202-0006",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "3com",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "adtran",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "adventnet",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "american power conversion",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "aprisma",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "bea",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "bmc",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "cnt",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "comtek services",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "cscare",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "cacheflow",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "carrier access",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "compaq computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "computer associates",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "concord",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "dart",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "dell",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "digital",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "entrada",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "equinox",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "f5",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "fluke",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "general datacomm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "hirschmann",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "hitachi",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "ibm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "iplanet",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "itouch",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "infovista",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "inktomi",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "innerdive",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "ipswitch",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "juniper",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "karlnet",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "lantronix",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "larscom incorporated",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "lotus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "lucent",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "mg soft",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "mandriva",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "marconi",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "mercury interactive",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "metrobility optical",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "micromuse",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "monfox",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "multinet",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "nec",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "net snmp",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "network harmoni",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "nbase xyplex",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "netscout",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "netsilicon",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "netscape",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "network appliance",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "nortel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "novell",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "openwave",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "optical access",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "perle",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "powerware",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "radware",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "redback",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "riverstone",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "snmp research",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "sniffer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "sonicwall",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "sonus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "stonesoft",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "symantec",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "the sco group sco unix",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "tivoli",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "toshiba",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "unisphere",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "vertical",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "vina",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "wind river",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "world wide packets",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "xerox",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "e security",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "net com",
            "version": null
          },
          {
            "model": "aix",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "ibm",
            "version": "4.3"
          },
          {
            "model": "aix",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "ibm",
            "version": "5.1"
          },
          {
            "model": "snmp",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "snmp",
            "version": "*"
          },
          {
            "model": "windows 98se",
            "scope": null,
            "trust": 0.9,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": "windows",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "microsoft",
            "version": "95"
          },
          {
            "model": "windows server",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nudesign team",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "outback resource group",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "veritas",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "bintec",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "interniche",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ncipher corp",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netscreen",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nokia",
            "version": null
          },
          {
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "2.6 (sparc)"
          },
          {
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "2.6 (x86)"
          },
          {
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "7.0 (sparc)"
          },
          {
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "7.0 (x86)"
          },
          {
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "8 (sparc)"
          },
          {
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "8 (x86)"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "10.00"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "10.10"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "10.20"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.00"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.11"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.20"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "10.24"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.04"
          },
          {
            "model": "windows 2000",
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": "windows 9x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "95"
          },
          {
            "model": "windows 9x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "98"
          },
          {
            "model": "windows 9x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "98 scd"
          },
          {
            "model": "windows 9x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "me"
          },
          {
            "model": "windows nt",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "4.0 (server)"
          },
          {
            "model": "windows nt",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "4.0 (terminal_srv)"
          },
          {
            "model": "windows nt",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "4.0 (workstation)"
          },
          {
            "model": "windows xp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "sp3"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6.2"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "7.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "7.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "7.2"
          },
          {
            "model": "windows xp gold",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "microsoft",
            "version": "0"
          },
          {
            "model": "windows nt",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "mpe/ix",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "hp",
            "version": "6.5"
          },
          {
            "model": "mpe/ix",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "hp",
            "version": "6.0"
          },
          {
            "model": "mpe/ix",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "hp",
            "version": "5.5"
          },
          {
            "model": "mpe/ix",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "model": "mpe/ix",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "hp",
            "version": "4.5"
          },
          {
            "model": "mpe/ix",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "hp",
            "version": "4.0"
          },
          {
            "model": "ucd-snmp",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "net snmp",
            "version": "4.2.1"
          },
          {
            "model": "ucd-snmp",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "net snmp",
            "version": "4.1.1"
          },
          {
            "model": "ucd-snmp",
            "scope": "ne",
            "trust": 0.6,
            "vendor": "net snmp",
            "version": "4.2.2"
          },
          {
            "model": "snmp",
            "scope": null,
            "trust": 0.6,
            "vendor": "snmp",
            "version": null
          },
          {
            "model": "mpe/ix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.0"
          },
          {
            "model": "sunatm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.0"
          },
          {
            "model": "sunatm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "4.0.1"
          },
          {
            "model": "sunatm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "3.0.1"
          },
          {
            "model": "sunatm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "2.1"
          },
          {
            "model": "ucd-snmp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "net snmp",
            "version": "4.1.2"
          },
          {
            "model": "ucd-snmp",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "net snmp",
            "version": "4.2.3"
          },
          {
            "model": "solaris 8 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "solaris 8 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "solaris 7.0 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "7.0"
          },
          {
            "model": "solaris 2.6 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "2.6"
          },
          {
            "model": "enterprise server ssp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "100003.5"
          },
          {
            "model": "enterprise server ssp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "100003.4"
          },
          {
            "model": "enterprise server ssp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "100003.3"
          },
          {
            "model": "research mid-level manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "snmp",
            "version": "15.3"
          },
          {
            "model": "research enterpol",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "snmp",
            "version": "15.3"
          },
          {
            "model": "research dr-web manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "snmp",
            "version": "15.3"
          },
          {
            "model": "brocade",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sgi",
            "version": "2.6.0"
          },
          {
            "model": "networks aos",
            "scope": null,
            "trust": 0.3,
            "vendor": "redback",
            "version": null
          },
          {
            "model": "realplayer intranet",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "realnetworks",
            "version": "5.0"
          },
          {
            "model": "software tcpware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "process",
            "version": "5.5"
          },
          {
            "model": "software multinet",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "process",
            "version": "4.4"
          },
          {
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1"
          },
          {
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "2.2"
          },
          {
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "2.1"
          },
          {
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "2.0"
          },
          {
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.5"
          },
          {
            "model": "netware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "6.0"
          },
          {
            "model": "netware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "5.1"
          },
          {
            "model": "netware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "5.0"
          },
          {
            "model": "netware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "4.11"
          },
          {
            "model": "netware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "4.2"
          },
          {
            "model": "netware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "4.0"
          },
          {
            "model": "windows xp professional",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": "windows xp home",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": "windows nt workstation sp6a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt workstation sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt workstation sp5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt workstation sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt workstation sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt workstation sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt workstation sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt terminal server sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt terminal server sp5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt terminal server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt terminal server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt terminal server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt terminal server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt terminal server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt server sp6a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt server sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt server sp5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt enterprise server sp6a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt enterprise server sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt enterprise server sp5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt enterprise server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt enterprise server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt enterprise server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt enterprise server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows nt enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "model": "windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "98"
          },
          {
            "model": "windows terminal services sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "model": "windows terminal services sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "model": "windows terminal services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "model": "windows server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "model": "windows server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "model": "windows professional sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "model": "windows professional sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "model": "windows professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "model": "windows datacenter server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "model": "windows datacenter server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "model": "windows datacenter server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "model": "windows advanced server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "model": "windows advanced server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "model": "windows advanced server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "model": "domino snmp agents solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lotus",
            "version": "5.0.1x86"
          },
          {
            "model": "domino snmp agents solaris sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lotus",
            "version": "5.0.1"
          },
          {
            "model": "domino snmp agents hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lotus",
            "version": "5.0.1"
          },
          {
            "model": "lrs",
            "scope": null,
            "trust": 0.3,
            "vendor": "lantronix",
            "version": null
          },
          {
            "model": "junos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "5.0"
          },
          {
            "model": "solutions router ip console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "innerdive",
            "version": "3.3.0.406"
          },
          {
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.3.3"
          },
          {
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.3.2"
          },
          {
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.3.1"
          },
          {
            "model": "secure os software for linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.0"
          },
          {
            "model": "procurve switch 8000m",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "procurve switch 4108gl-bundle",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "procurve switch 4108gl",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "procurve switch 4000m",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "procurve switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2525"
          },
          {
            "model": "procurve switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2524"
          },
          {
            "model": "procurve switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2512"
          },
          {
            "model": "procurve switch 2424m",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "procurve switch 2400m",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "procurve switch 1600m",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "ov/sam",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.1"
          },
          {
            "model": "openview network node manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.10"
          },
          {
            "model": "openview network node manager solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2"
          },
          {
            "model": "openview network node manager nt 4.x/windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.22000"
          },
          {
            "model": "openview network node manager hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.211.x"
          },
          {
            "model": "openview network node manager hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.210.x"
          },
          {
            "model": "openview network node manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2"
          },
          {
            "model": "openview network node manager solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1"
          },
          {
            "model": "openview network node manager hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.111.x"
          },
          {
            "model": "openview network node manager hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.110.x"
          },
          {
            "model": "openview network node manager solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0"
          },
          {
            "model": "openview network node manager nt 4.x/windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.02000"
          },
          {
            "model": "openview network node manager hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.011.x"
          },
          {
            "model": "openview network node manager hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.010.20"
          },
          {
            "model": "openview network node manager windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0.23.51/4.0"
          },
          {
            "model": "openview network node manager solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.01"
          },
          {
            "model": "openview network node manager hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.01"
          },
          {
            "model": "openview network node manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.01"
          },
          {
            "model": "openview network node manager solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.11"
          },
          {
            "model": "openview network node manager hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.11"
          },
          {
            "model": "openview extensible snmp agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.0"
          },
          {
            "model": "openview emanate snmp agent solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "14.22.x"
          },
          {
            "model": "openview emanate snmp agent hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "14.211.x"
          },
          {
            "model": "openview emanate snmp agent hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "14.210.20"
          },
          {
            "model": "openview distributed management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0"
          },
          {
            "model": "openview distributed management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.03"
          },
          {
            "model": "mc/serviceguard",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "jetdirect",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "x.20.00"
          },
          {
            "model": "jetdirect",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "x.08.32"
          },
          {
            "model": "jetdirect",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "x.08.00"
          },
          {
            "model": "ito/vpo/ovo unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "11.04"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "10.24"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "11.20"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "11.11"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "11.0"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "10.20"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "10.10"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "10.0"
          },
          {
            "model": "ems a.03.20",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "ems a.03.10",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "ems a.03.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "services nmserver",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "comtek",
            "version": "3.4"
          },
          {
            "model": "associates unicenter",
            "scope": null,
            "trust": 0.3,
            "vendor": "computer",
            "version": null
          },
          {
            "model": "unixware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "caldera",
            "version": "7.1.1"
          },
          {
            "model": "unixware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "caldera",
            "version": "7.1.0"
          },
          {
            "model": "unixware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "caldera",
            "version": "7"
          },
          {
            "model": "openunix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "caldera",
            "version": "8.0"
          },
          {
            "model": "openserver",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "caldera",
            "version": "5.0.6"
          },
          {
            "model": "openserver",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "caldera",
            "version": "5.0.5"
          },
          {
            "model": "cacheos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cacheflow",
            "version": "4.0"
          },
          {
            "model": "cacheos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cacheflow",
            "version": "3.1"
          },
          {
            "model": "web nms msp edition",
            "scope": null,
            "trust": 0.3,
            "vendor": "adventnet",
            "version": null
          },
          {
            "model": "web nms",
            "scope": null,
            "trust": 0.3,
            "vendor": "adventnet",
            "version": null
          },
          {
            "model": "snmp utilities",
            "scope": null,
            "trust": 0.3,
            "vendor": "adventnet",
            "version": null
          },
          {
            "model": "snmp api",
            "scope": null,
            "trust": 0.3,
            "vendor": "adventnet",
            "version": null
          },
          {
            "model": "mediation server",
            "scope": null,
            "trust": 0.3,
            "vendor": "adventnet",
            "version": null
          },
          {
            "model": "management builder",
            "scope": null,
            "trust": 0.3,
            "vendor": "adventnet",
            "version": null
          },
          {
            "model": "fault management toolkit",
            "scope": null,
            "trust": 0.3,
            "vendor": "adventnet",
            "version": null
          },
          {
            "model": "configuration management toolkit",
            "scope": null,
            "trust": 0.3,
            "vendor": "adventnet",
            "version": null
          },
          {
            "model": "cli api",
            "scope": null,
            "trust": 0.3,
            "vendor": "adventnet",
            "version": null
          },
          {
            "model": "agent toolkit java/jmx edition",
            "scope": null,
            "trust": 0.3,
            "vendor": "adventnet",
            "version": null
          },
          {
            "model": "agent toolkit c edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adventnet",
            "version": null
          },
          {
            "model": "webcache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "3com",
            "version": "3000"
          },
          {
            "model": "webcache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "3com",
            "version": "1000"
          },
          {
            "model": "switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "3com",
            "version": "4900"
          },
          {
            "model": "switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "3com",
            "version": "4400"
          },
          {
            "model": "switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "3com",
            "version": "3300"
          },
          {
            "model": "switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "3com",
            "version": "1100"
          },
          {
            "model": "ps hub",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "3com",
            "version": "50"
          },
          {
            "model": "ps hub",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "3com",
            "version": "40"
          },
          {
            "model": "dual speed hub",
            "scope": null,
            "trust": 0.3,
            "vendor": "3com",
            "version": null
          },
          {
            "model": "brocade .0d",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "sgi",
            "version": "2.6"
          },
          {
            "model": "solutions router ip console",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "innerdive",
            "version": "3.3.0.407"
          },
          {
            "model": "jetdirect",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "x.21.00"
          },
          {
            "model": "jetdirect",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "x.08.32"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#107186"
          },
          {
            "db": "CERT/CC",
            "id": "VU#854306"
          },
          {
            "db": "BID",
            "id": "89608"
          },
          {
            "db": "BID",
            "id": "89661"
          },
          {
            "db": "BID",
            "id": "5043"
          },
          {
            "db": "BID",
            "id": "4732"
          },
          {
            "db": "BID",
            "id": "4203"
          },
          {
            "db": "BID",
            "id": "4088"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2002-000033"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200202-007"
          },
          {
            "db": "NVD",
            "id": "CVE-2002-0012"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:snmp:snmp:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2002-0012"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Discovered by the Oulu University Secure Programming Group.",
        "sources": [
          {
            "db": "BID",
            "id": "5043"
          },
          {
            "db": "BID",
            "id": "4203"
          },
          {
            "db": "BID",
            "id": "4088"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2002-0012",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": true,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 10.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2002-0012",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2002-0012",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#107186",
                "trust": 0.8,
                "value": "69.26"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#854306",
                "trust": 0.8,
                "value": "42.64"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200202-007",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#107186"
          },
          {
            "db": "CERT/CC",
            "id": "VU#854306"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2002-000033"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200202-007"
          },
          {
            "db": "NVD",
            "id": "CVE-2002-0012"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite.  NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor.  This and other SNMP-related candidates will be updated when more accurate information is available. Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ SNMP Protocol is status and performance information MIB (Management Information Base) Protocol used to exchange Management side SNMP Managers such as managed routers, switches and printers SNMP Communicates with management network devices called agents. Because of its wide acceptance in the market, SNMP Has become the standard for SNMP protocol version1 Is SNMPv1 Is the most widely implemented. this SNMPv1 Sent from the agent to the manager in the implementation of SNMP Trap message and sent from the manager to the agent SNMP Decrypt the request message / There are problems in interpreting. If this problem is used by an attacker, the following actions may be executed. Many other programs that you implement may also be affected because of a protocol problem. On the target host SNMP If the service is running, an attacker could execute arbitrary code \u30fb If a buffer overflow attack is feasible and a very long trap message SNMP If the host on which the service is running receives, the application may go into a denial of service state The effects described above vary from application to application. For details, refer to each product.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. Windows 95 is prone to a denial-of-service vulnerability. MPE/iX is an Internet-ready operating system for the HP e3000 class servers.  It is possible to crash the service by transmitting to it a maliciously constructed SNMPv1 request PDU.  It was previously known as UCD-SNMP.  They typically notify the manager that some event has occured or otherwise provide information about the status of the agent. \nMultiple vulnerabilities have been discovered in a number of SNMP implementations.  The vulnerabilities are known to exist in the process of decoding and interpreting SNMP trap messages. \nAmong the possible consequences are denial of service and allowing attackers to compromise target systems.  These depend on the individual vulnerabilities in each affected product. \nHP has confirmed that large traps will cause OpenView Network Node Manager to crash.  This may be due to an exploitable buffer overflow condition",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2002-0012"
          },
          {
            "db": "CERT/CC",
            "id": "VU#107186"
          },
          {
            "db": "CERT/CC",
            "id": "VU#854306"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2002-000033"
          },
          {
            "db": "BID",
            "id": "89608"
          },
          {
            "db": "BID",
            "id": "89661"
          },
          {
            "db": "BID",
            "id": "5043"
          },
          {
            "db": "BID",
            "id": "4732"
          },
          {
            "db": "BID",
            "id": "4203"
          },
          {
            "db": "BID",
            "id": "4088"
          }
        ],
        "trust": 4.68
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2002-0012",
            "trust": 3.9
          },
          {
            "db": "CERT/CC",
            "id": "VU#107186",
            "trust": 3.2
          },
          {
            "db": "BID",
            "id": "4088",
            "trust": 2.2
          },
          {
            "db": "BID",
            "id": "4732",
            "trust": 1.9
          },
          {
            "db": "BID",
            "id": "4089",
            "trust": 1.9
          },
          {
            "db": "BID",
            "id": "4132",
            "trust": 1.6
          },
          {
            "db": "CERT/CC",
            "id": "VU#854306",
            "trust": 1.4
          },
          {
            "db": "BID",
            "id": "5043",
            "trust": 1.3
          },
          {
            "db": "XF",
            "id": "8177",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2002-000033",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200202-007",
            "trust": 0.6
          },
          {
            "db": "BID",
            "id": "89608",
            "trust": 0.3
          },
          {
            "db": "BID",
            "id": "89661",
            "trust": 0.3
          },
          {
            "db": "BID",
            "id": "4203",
            "trust": 0.3
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#107186"
          },
          {
            "db": "CERT/CC",
            "id": "VU#854306"
          },
          {
            "db": "BID",
            "id": "89608"
          },
          {
            "db": "BID",
            "id": "89661"
          },
          {
            "db": "BID",
            "id": "5043"
          },
          {
            "db": "BID",
            "id": "4732"
          },
          {
            "db": "BID",
            "id": "4203"
          },
          {
            "db": "BID",
            "id": "4088"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2002-000033"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200202-007"
          },
          {
            "db": "NVD",
            "id": "CVE-2002-0012"
          }
        ]
      },
      "id": "VAR-200202-0006",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.489583335
      },
      "last_update_date": "2024-07-23T22:34:48.127000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "HPSBUX00184",
            "trust": 0.8,
            "url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00964944"
          },
          {
            "title": "MS02-006",
            "trust": 0.8,
            "url": "http://www.microsoft.com/technet/security/bulletin/ms02-006.mspx"
          },
          {
            "title": "RHSA-2001:163",
            "trust": 0.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2001-163.html"
          },
          {
            "title": "#00215",
            "trust": 0.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00215-1"
          },
          {
            "title": "#00215",
            "trust": 0.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00215-3"
          },
          {
            "title": "IBM Information for VU#107186",
            "trust": 0.8,
            "url": "http://www.kb.cert.org/vuls/id/iafy-55krcv"
          },
          {
            "title": "MS02-006",
            "trust": 0.8,
            "url": "http://www.microsoft.com/japan/technet/security/bulletin/ms02-006.mspx"
          },
          {
            "title": "RHSA-2001:163",
            "trust": 0.8,
            "url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2001-163j.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2002-000033"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-264",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2002-000033"
          },
          {
            "db": "NVD",
            "id": "CVE-2002-0012"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.0,
            "url": "http://www.cert.org/advisories/ca-2002-03.html"
          },
          {
            "trust": 2.4,
            "url": "http://www.kb.cert.org/vuls/id/107186"
          },
          {
            "trust": 1.6,
            "url": "http://www.ee.oulu.fi/research/ouspg/protos/"
          },
          {
            "trust": 1.6,
            "url": "http://www.cert.org/tech_tips/denial_of_service.html"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc3000.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc1212.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc1213.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc1215.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc1270.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc2570.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc2571.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc2572.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc2573.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc2574.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc2575.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc2576.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.securityfocus.com/bid/4088"
          },
          {
            "trust": 1.6,
            "url": "http://online.securityfocus.com/bid/4132"
          },
          {
            "trust": 1.6,
            "url": "http://online.securityfocus.com/bid/4732"
          },
          {
            "trust": 1.6,
            "url": "http://www.securityfocus.com/bid/4089"
          },
          {
            "trust": 1.6,
            "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.html"
          },
          {
            "trust": 1.4,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0012"
          },
          {
            "trust": 1.0,
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20020201-01-a"
          },
          {
            "trust": 1.0,
            "url": "http://www.iss.net/security_center/alerts/advise110.php"
          },
          {
            "trust": 1.0,
            "url": "http://www.redhat.com/support/errata/rhsa-2001-163.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/advisories/4211"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/bid/5043"
          },
          {
            "trust": 1.0,
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-006"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1048"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a144"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a161"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a298"
          },
          {
            "trust": 0.8,
            "url": "http://www.ciac.org/ciac/bulletins/m-042.shtml"
          },
          {
            "trust": 0.8,
            "url": "http://www.ipa.go.jp/security/ciadr/20020213snmp.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.jpcert.or.jp/wr/2002/wr020701.txt"
          },
          {
            "trust": 0.8,
            "url": "http://www.jpcert.or.jp/wr/2002/wr020901.txt"
          },
          {
            "trust": 0.8,
            "url": "http://www.jpcert.or.jp/at/2002/at020001.txt"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnca-2002-03"
          },
          {
            "trust": 0.8,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-0012"
          },
          {
            "trust": 0.8,
            "url": "http://xforce.iss.net/xforce/xfdb/8177"
          },
          {
            "trust": 0.6,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0013"
          },
          {
            "trust": 0.6,
            "url": "http://www.microsoft.com/technet/security/bulletin/ms02-006.asp"
          },
          {
            "trust": 0.6,
            "url": "http://www.kb.cert.org/vuls/id/854306"
          },
          {
            "trust": 0.3,
            "url": "http://online.securityfocus.com/bid/4088"
          },
          {
            "trust": 0.3,
            "url": "http://online.securityfocus.com/bid/4089"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f44605"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f42769"
          },
          {
            "trust": 0.3,
            "url": "http://online.securityfocus.com/news/474"
          },
          {
            "trust": 0.3,
            "url": "http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-006.asp"
          },
          {
            "trust": 0.3,
            "url": "http://otn.oracle.com/deploy/security/pdf/snmp_2002_alert.pdf"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#107186"
          },
          {
            "db": "CERT/CC",
            "id": "VU#854306"
          },
          {
            "db": "BID",
            "id": "89608"
          },
          {
            "db": "BID",
            "id": "89661"
          },
          {
            "db": "BID",
            "id": "5043"
          },
          {
            "db": "BID",
            "id": "4732"
          },
          {
            "db": "BID",
            "id": "4203"
          },
          {
            "db": "BID",
            "id": "4088"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2002-000033"
          },
          {
            "db": "NVD",
            "id": "CVE-2002-0012"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#107186"
          },
          {
            "db": "CERT/CC",
            "id": "VU#854306"
          },
          {
            "db": "BID",
            "id": "89608"
          },
          {
            "db": "BID",
            "id": "89661"
          },
          {
            "db": "BID",
            "id": "5043"
          },
          {
            "db": "BID",
            "id": "4732"
          },
          {
            "db": "BID",
            "id": "4203"
          },
          {
            "db": "BID",
            "id": "4088"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2002-000033"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200202-007"
          },
          {
            "db": "NVD",
            "id": "CVE-2002-0012"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2002-01-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#107186"
          },
          {
            "date": "2002-02-12T00:00:00",
            "db": "CERT/CC",
            "id": "VU#854306"
          },
          {
            "date": "2002-03-08T00:00:00",
            "db": "BID",
            "id": "89608"
          },
          {
            "date": "2002-03-08T00:00:00",
            "db": "BID",
            "id": "89661"
          },
          {
            "date": "2002-06-18T00:00:00",
            "db": "BID",
            "id": "5043"
          },
          {
            "date": "2002-05-13T00:00:00",
            "db": "BID",
            "id": "4732"
          },
          {
            "date": "2002-02-27T00:00:00",
            "db": "BID",
            "id": "4203"
          },
          {
            "date": "2002-02-12T00:00:00",
            "db": "BID",
            "id": "4088"
          },
          {
            "date": "2007-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2002-000033"
          },
          {
            "date": "2002-02-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200202-007"
          },
          {
            "date": "2002-02-13T05:00:00",
            "db": "NVD",
            "id": "CVE-2002-0012"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2007-11-07T00:00:00",
            "db": "CERT/CC",
            "id": "VU#107186"
          },
          {
            "date": "2007-11-07T00:00:00",
            "db": "CERT/CC",
            "id": "VU#854306"
          },
          {
            "date": "2002-03-08T00:00:00",
            "db": "BID",
            "id": "89608"
          },
          {
            "date": "2002-03-08T00:00:00",
            "db": "BID",
            "id": "89661"
          },
          {
            "date": "2009-07-11T13:56:00",
            "db": "BID",
            "id": "5043"
          },
          {
            "date": "2002-05-13T00:00:00",
            "db": "BID",
            "id": "4732"
          },
          {
            "date": "2009-07-11T10:56:00",
            "db": "BID",
            "id": "4203"
          },
          {
            "date": "2009-07-11T10:56:00",
            "db": "BID",
            "id": "4088"
          },
          {
            "date": "2007-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2002-000033"
          },
          {
            "date": "2005-10-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200202-007"
          },
          {
            "date": "2018-10-12T21:30:46.750000",
            "db": "NVD",
            "id": "CVE-2002-0012"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "network",
        "sources": [
          {
            "db": "BID",
            "id": "89608"
          },
          {
            "db": "BID",
            "id": "89661"
          },
          {
            "db": "BID",
            "id": "5043"
          },
          {
            "db": "BID",
            "id": "4732"
          },
          {
            "db": "BID",
            "id": "4203"
          },
          {
            "db": "BID",
            "id": "4088"
          }
        ],
        "trust": 1.8
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in SNMPv1 trap handling",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#107186"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Input Validation Error",
        "sources": [
          {
            "db": "BID",
            "id": "89608"
          },
          {
            "db": "BID",
            "id": "89661"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202301-1858

    Vulnerability from variot - Updated: 2023-12-18 13:55

    An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 4 of 6

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202301-1858",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ngeniusone",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netscout",
            "version": "6.3.2"
          },
          {
            "model": "ngeniusone",
            "scope": null,
            "trust": 0.8,
            "vendor": "netscout",
            "version": null
          },
          {
            "model": "ngeniusone",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netscout",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002615"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44027"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:netscout:ngeniusone:6.3.2:build904:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-44027"
          }
        ]
      },
      "cve": "CVE-2022-44027",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.1,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "CVE-2022-44027",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2022-44027",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202301-2147",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002615"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44027"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2147"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 4 of 6",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-44027"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002615"
          },
          {
            "db": "VULHUB",
            "id": "VHN-441213"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-44027"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-44027",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002615",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2147",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-441213",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-44027",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-441213"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-44027"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002615"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44027"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2147"
          }
        ]
      },
      "id": "VAR-202301-1858",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-441213"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2023-12-18T13:55:03.120000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "CVE-2022-44027",
            "trust": 0.8,
            "url": "https://www.netscout.com/securityadvisories"
          },
          {
            "title": "NetScout nGeniusONE Fixes for cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=223866"
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/live-hack-cve/cve-2022-44027 "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2022-44027"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002615"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2147"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.1
          },
          {
            "problemtype": "Cross-site scripting (CWE-79) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-441213"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002615"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44027"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.netscout.com/securityadvisories"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-44027"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-44027/"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/live-hack-cve/cve-2022-44027"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-441213"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-44027"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002615"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44027"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2147"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-441213"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-44027"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002615"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44027"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2147"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-01-27T00:00:00",
            "db": "VULHUB",
            "id": "VHN-441213"
          },
          {
            "date": "2023-01-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-44027"
          },
          {
            "date": "2023-07-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2023-002615"
          },
          {
            "date": "2023-01-27T14:15:09.430000",
            "db": "NVD",
            "id": "CVE-2022-44027"
          },
          {
            "date": "2023-01-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202301-2147"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-02-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-441213"
          },
          {
            "date": "2023-01-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-44027"
          },
          {
            "date": "2023-07-21T07:58:00",
            "db": "JVNDB",
            "id": "JVNDB-2023-002615"
          },
          {
            "date": "2023-02-03T19:52:08.580000",
            "db": "NVD",
            "id": "CVE-2022-44027"
          },
          {
            "date": "2023-02-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202301-2147"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2147"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "NetScout\u00a0nGeniusONE\u00a0 Cross-site scripting vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002615"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2147"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202301-2051

    Vulnerability from variot - Updated: 2023-12-18 13:55

    An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 1 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. The attack vector is Network, and the Attack Complexity required is High. Privileges required are administrator, User Interaction is required, and Scope is unchanged. The user must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. NetScout nGeniusONE Exists in an open redirect vulnerability.Information may be obtained and information may be tampered with

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202301-2051",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ngeniusone",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netscout",
            "version": "6.3.2"
          },
          {
            "model": "ngeniusone",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netscout",
            "version": null
          },
          {
            "model": "ngeniusone",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netscout",
            "version": "6.3.2 build 904"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002967"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44717"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:netscout:ngeniusone:6.3.2:build904:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-44717"
          }
        ]
      },
      "cve": "CVE-2022-44717",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.1,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 0.5,
                "impactScore": 2.5,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "High",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.1,
                "baseSeverity": "Low",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "CVE-2022-44717",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2022-44717",
                "trust": 1.8,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202301-2141",
                "trust": 0.6,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002967"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44717"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2141"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 1 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. The attack vector is Network, and the Attack Complexity required is High. Privileges required are administrator, User Interaction is required, and Scope is unchanged. The user must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. NetScout nGeniusONE Exists in an open redirect vulnerability.Information may be obtained and information may be tampered with",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-44717"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002967"
          },
          {
            "db": "VULHUB",
            "id": "VHN-442205"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-44717"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-44717",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002967",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2141",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-442205",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-44717",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-442205"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-44717"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002967"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44717"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2141"
          }
        ]
      },
      "id": "VAR-202301-2051",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-442205"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2023-12-18T13:55:02.885000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "CVE-2022-44717",
            "trust": 0.8,
            "url": "https://www.netscout.com/securityadvisories"
          },
          {
            "title": "NetScout nGeniusONE Enter the fix for the verification error vulnerability",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=224217"
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/live-hack-cve/cve-2022-44717 "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2022-44717"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002967"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2141"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-601",
            "trust": 1.1
          },
          {
            "problemtype": "Open redirect (CWE-601) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-442205"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002967"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44717"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.netscout.com/securityadvisories"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-44717"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-44717/"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/live-hack-cve/cve-2022-44717"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-442205"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-44717"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002967"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44717"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2141"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-442205"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-44717"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002967"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44717"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2141"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-01-27T00:00:00",
            "db": "VULHUB",
            "id": "VHN-442205"
          },
          {
            "date": "2023-01-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-44717"
          },
          {
            "date": "2023-08-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2023-002967"
          },
          {
            "date": "2023-01-27T14:15:11.293000",
            "db": "NVD",
            "id": "CVE-2022-44717"
          },
          {
            "date": "2023-01-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202301-2141"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-02-07T00:00:00",
            "db": "VULHUB",
            "id": "VHN-442205"
          },
          {
            "date": "2023-01-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-44717"
          },
          {
            "date": "2023-08-28T05:03:00",
            "db": "JVNDB",
            "id": "JVNDB-2023-002967"
          },
          {
            "date": "2023-02-07T19:21:00.917000",
            "db": "NVD",
            "id": "CVE-2022-44717"
          },
          {
            "date": "2023-02-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202301-2141"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2141"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "NetScout\u00a0nGeniusONE\u00a0 Open redirect vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002967"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2141"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202109-0863

    Vulnerability from variot - Updated: 2023-12-18 13:42

    NETSCOUT nGeniusONE 6.3.0 build 1004 and earlier allows Stored Cross-Site Scripting (XSS) in the Packet Analysis module. NETSCOUT nGeniusONE Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202109-0863",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ngeniusone",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "netscout",
            "version": "6.3.0"
          },
          {
            "model": "ngeniusone",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netscout",
            "version": null
          },
          {
            "model": "ngeniusone",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netscout",
            "version": "6.3.0 build 1004"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-012642"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-35198"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:netscout:ngeniusone:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "6.3.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-35198"
          }
        ]
      },
      "cve": "CVE-2021-35198",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "LOW",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.5,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2021-35198",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "VHN-395477",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:S/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.3,
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.4,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "CVE-2021-35198",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "Low",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2021-35198",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202109-1984",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-395477",
                "trust": 0.1,
                "value": "LOW"
              },
              {
                "author": "VULMON",
                "id": "CVE-2021-35198",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-395477"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-35198"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-012642"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-35198"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202109-1984"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "NETSCOUT nGeniusONE 6.3.0 build 1004 and earlier allows Stored Cross-Site Scripting (XSS) in the Packet Analysis module. NETSCOUT nGeniusONE Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-35198"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-012642"
          },
          {
            "db": "VULHUB",
            "id": "VHN-395477"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-35198"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-35198",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-012642",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202109-1984",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-395477",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-35198",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-395477"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-35198"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-012642"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-35198"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202109-1984"
          }
        ]
      },
      "id": "VAR-202109-0863",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-395477"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2023-12-18T13:42:28.774000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Stored\u00a0Cross-Site\u00a0Scripting\u00a0(XSS)\u00a0in\u00a0the\u00a0Packet\u00a0Analysis\u00a0module",
            "trust": 0.8,
            "url": "https://www.netscout.com/securityadvisories"
          },
          {
            "title": "Netscout NgeniusOne Fixes for cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=164584"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-012642"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202109-1984"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.1
          },
          {
            "problemtype": "Cross-site scripting (CWE-79) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-395477"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-012642"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-35198"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.netscout.com/securityadvisories"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-35198"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/79.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-395477"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-35198"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-012642"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-35198"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202109-1984"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-395477"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-35198"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-012642"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-35198"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202109-1984"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-395477"
          },
          {
            "date": "2021-09-30T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-35198"
          },
          {
            "date": "2022-09-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-012642"
          },
          {
            "date": "2021-09-30T18:15:07.600000",
            "db": "NVD",
            "id": "CVE-2021-35198"
          },
          {
            "date": "2021-09-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202109-1984"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-10-04T00:00:00",
            "db": "VULHUB",
            "id": "VHN-395477"
          },
          {
            "date": "2021-10-04T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-35198"
          },
          {
            "date": "2022-09-05T03:01:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-012642"
          },
          {
            "date": "2021-10-04T17:33:36.207000",
            "db": "NVD",
            "id": "CVE-2021-35198"
          },
          {
            "date": "2021-10-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202109-1984"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202109-1984"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "NETSCOUT\u00a0nGeniusONE\u00a0 Cross-site scripting vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-012642"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202109-1984"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202206-0265

    Vulnerability from variot - Updated: 2023-12-18 13:42

    NetScout nGeniusONE 6.3.2 allows an XML External Entity (XXE) attack. netscout of nGeniusONE for, XML There is a vulnerability in an external entity.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202206-0265",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ngeniusone",
            "scope": "eq",
            "trust": 1.8,
            "vendor": "netscout",
            "version": "6.3.2"
          },
          {
            "model": "ngeniusone",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netscout",
            "version": null
          },
          {
            "model": "ngeniusone",
            "scope": null,
            "trust": 0.8,
            "vendor": "netscout",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-010950"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45981"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:netscout:ngeniusone:6.3.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-45981"
          }
        ]
      },
      "cve": "CVE-2021-45981",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2021-45981",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-410693",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-45981",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2021-45981",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202206-405",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-410693",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2021-45981",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-410693"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45981"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-010950"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45981"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-405"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "NetScout nGeniusONE 6.3.2 allows an XML External Entity (XXE) attack. netscout of nGeniusONE for, XML There is a vulnerability in an external entity.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-45981"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-010950"
          },
          {
            "db": "VULHUB",
            "id": "VHN-410693"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45981"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-45981",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-010950",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-405",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-410693",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45981",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-410693"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45981"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-010950"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45981"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-405"
          }
        ]
      },
      "id": "VAR-202206-0265",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-410693"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2023-12-18T13:42:05.314000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Netscout NgeniusOne Fixes for code issue vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=195963"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-405"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-611",
            "trust": 1.1
          },
          {
            "problemtype": "XML Improper restriction of external entity references (CWE-611) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-410693"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-010950"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45981"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.6,
            "url": "https://netscout.com"
          },
          {
            "trust": 2.6,
            "url": "https://www.netscout.com/securityadvisories"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45981"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2021-45981/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/611.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-410693"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45981"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-010950"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45981"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-405"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-410693"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45981"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-010950"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45981"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-405"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-06-02T00:00:00",
            "db": "VULHUB",
            "id": "VHN-410693"
          },
          {
            "date": "2022-06-02T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45981"
          },
          {
            "date": "2023-08-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-010950"
          },
          {
            "date": "2022-06-02T18:15:08.273000",
            "db": "NVD",
            "id": "CVE-2021-45981"
          },
          {
            "date": "2022-06-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202206-405"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-06-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-410693"
          },
          {
            "date": "2022-06-13T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45981"
          },
          {
            "date": "2023-08-17T08:36:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-010950"
          },
          {
            "date": "2022-06-13T12:15:30.327000",
            "db": "NVD",
            "id": "CVE-2021-45981"
          },
          {
            "date": "2022-06-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202206-405"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-405"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "netscout\u00a0 of \u00a0nGeniusONE\u00a0 In \u00a0XML\u00a0 External entity vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-010950"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "code problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-405"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202301-1982

    Vulnerability from variot - Updated: 2023-12-18 13:41

    An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 3 of 6

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202301-1982",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ngeniusone",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netscout",
            "version": "6.3.2"
          },
          {
            "model": "ngeniusone",
            "scope": null,
            "trust": 0.8,
            "vendor": "netscout",
            "version": null
          },
          {
            "model": "ngeniusone",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netscout",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002617"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44026"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:netscout:ngeniusone:6.3.2:build904:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-44026"
          }
        ]
      },
      "cve": "CVE-2022-44026",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.1,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "CVE-2022-44026",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2022-44026",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202301-2150",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002617"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44026"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2150"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 3 of 6",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-44026"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002617"
          },
          {
            "db": "VULHUB",
            "id": "VHN-441212"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-44026"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-44026",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002617",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2150",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-441212",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-44026",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-441212"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-44026"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002617"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44026"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2150"
          }
        ]
      },
      "id": "VAR-202301-1982",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-441212"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2023-12-18T13:41:42.667000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "CVE-2022-44026",
            "trust": 0.8,
            "url": "https://www.netscout.com/securityadvisories"
          },
          {
            "title": "NetScout nGeniusONE Fixes for cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=223869"
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/live-hack-cve/cve-2022-44026 "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2022-44026"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002617"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2150"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.1
          },
          {
            "problemtype": "Cross-site scripting (CWE-79) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-441212"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002617"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44026"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.netscout.com/securityadvisories"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-44026"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-44026/"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/live-hack-cve/cve-2022-44026"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-441212"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-44026"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002617"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44026"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2150"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-441212"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-44026"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002617"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44026"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2150"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-01-27T00:00:00",
            "db": "VULHUB",
            "id": "VHN-441212"
          },
          {
            "date": "2023-01-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-44026"
          },
          {
            "date": "2023-07-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2023-002617"
          },
          {
            "date": "2023-01-27T14:15:09.263000",
            "db": "NVD",
            "id": "CVE-2022-44026"
          },
          {
            "date": "2023-01-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202301-2150"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-02-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-441212"
          },
          {
            "date": "2023-01-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-44026"
          },
          {
            "date": "2023-07-21T07:59:00",
            "db": "JVNDB",
            "id": "JVNDB-2023-002617"
          },
          {
            "date": "2023-02-03T19:51:59.820000",
            "db": "NVD",
            "id": "CVE-2022-44026"
          },
          {
            "date": "2023-02-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202301-2150"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2150"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "NetScout\u00a0nGeniusONE\u00a0 Cross-site scripting vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002617"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2150"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200904-0200

    Vulnerability from variot - Updated: 2023-12-18 13:40

    NetScout (formerly Network General) Visualizer V2100 and InfiniStream i1730 do not restrict access to ResourceManager/en_US/domains/add_domain.jsp, which allows remote attackers to gain administrator privileges via a direct request. Attackers can exploit this issue to perform unauthorized administrative functions. This can aid in further attacks. The NetScout Administrator device is vulnerable; other devices may also be affected. Reports indicated that this issue may exist in Network General Visualizer V2100 and Network General Infinistream i1730 Sniffer. This has not been confirmed. ----------------------------------------------------------------------

    Want a new job?

    http://secunia.com/secunia_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/

    International Partner Manager - Project Sales in the IT-Security Industry: http://corporate.secunia.com/about_secunia/64/


    TITLE: NetScout Visualizer / InfiniStream Security Bypass

    SECUNIA ADVISORY ID: SA30514

    VERIFY ADVISORY: http://secunia.com/advisories/30514/

    CRITICAL: Less critical

    IMPACT: Security Bypass

    WHERE:

    From remote

    OPERATING SYSTEM: NetScout Visualizer http://secunia.com/product/19033/ Network General InfiniStream i1730 http://secunia.com/product/19035/

    DESCRIPTION: A vulnerability has been reported in NetScout Visualizer and InfiniStream, which can be exploited by malicious users to perform certain actions with escalated privileges.

    The vulnerability is caused due to improper access restrictions to certain administrative pages in the web interface. This can be exploited to access administrative functions by directly accessing the URL of such pages.

    SOLUTION: Grant only trusted users access to affected system.

    PROVIDED AND/OR DISCOVERED BY: jgrove_2000

    ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/2008-06/0068.html


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200904-0200",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ngenius infinistream",
            "scope": "eq",
            "trust": 2.4,
            "vendor": "netscout",
            "version": "i1730"
          },
          {
            "model": "visualizer",
            "scope": "eq",
            "trust": 2.4,
            "vendor": "netscout",
            "version": "v2100"
          },
          {
            "model": "administrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscout",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "29590"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-004266"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-6701"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200904-234"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:netscout:visualizer:v2100:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:netscout:ngenius_infinistream:i1730:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-6701"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": ";",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200904-234"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2008-6701",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": true,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2008-6701",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-36826",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2008-6701",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200904-234",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-36826",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-36826"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-004266"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-6701"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200904-234"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "NetScout (formerly Network General) Visualizer V2100 and InfiniStream i1730 do not restrict access to ResourceManager/en_US/domains/add_domain.jsp, which allows remote attackers to gain administrator privileges via a direct request. \nAttackers can exploit this issue to perform unauthorized administrative functions. This can aid in further attacks. \nThe NetScout Administrator device is vulnerable; other devices may also be affected. \nReports indicated that this issue may exist in Network General Visualizer V2100 and Network General Infinistream i1730 Sniffer. This has not been confirmed. ----------------------------------------------------------------------\n\nWant a new job?\n\nhttp://secunia.com/secunia_security_specialist/\nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\n\nInternational Partner Manager - Project Sales in the IT-Security\nIndustry:\nhttp://corporate.secunia.com/about_secunia/64/\n\n----------------------------------------------------------------------\n\nTITLE:\nNetScout Visualizer / InfiniStream Security Bypass\n\nSECUNIA ADVISORY ID:\nSA30514\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/30514/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nSecurity Bypass\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nNetScout Visualizer\nhttp://secunia.com/product/19033/\nNetwork General InfiniStream i1730\nhttp://secunia.com/product/19035/\n\nDESCRIPTION:\nA vulnerability has been reported in NetScout Visualizer and\nInfiniStream, which can be exploited by malicious users to perform\ncertain actions with escalated privileges. \n\nThe vulnerability is caused due to improper access restrictions to\ncertain administrative pages in the web interface. This can be\nexploited to access administrative functions by directly accessing\nthe URL of such pages. \n\nSOLUTION:\nGrant only trusted users access to affected system. \n\nPROVIDED AND/OR DISCOVERED BY:\njgrove_2000\n\nORIGINAL ADVISORY:\nhttp://archives.neohapsis.com/archives/bugtraq/2008-06/0068.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-6701"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-004266"
          },
          {
            "db": "BID",
            "id": "29590"
          },
          {
            "db": "VULHUB",
            "id": "VHN-36826"
          },
          {
            "db": "PACKETSTORM",
            "id": "67204"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2008-6701",
            "trust": 2.8
          },
          {
            "db": "SECUNIA",
            "id": "30514",
            "trust": 1.8
          },
          {
            "db": "OSVDB",
            "id": "46195",
            "trust": 1.7
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-004266",
            "trust": 0.8
          },
          {
            "db": "XF",
            "id": "42938",
            "trust": 0.6
          },
          {
            "db": "BUGTRAQ",
            "id": "20080606 VULNERABILITY IN NETWORK GENERAL/NET SCOUT PRODUCT",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200904-234",
            "trust": 0.6
          },
          {
            "db": "BID",
            "id": "29590",
            "trust": 0.4
          },
          {
            "db": "VULHUB",
            "id": "VHN-36826",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "67204",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-36826"
          },
          {
            "db": "BID",
            "id": "29590"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-004266"
          },
          {
            "db": "PACKETSTORM",
            "id": "67204"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-6701"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200904-234"
          }
        ]
      },
      "id": "VAR-200904-0200",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-36826"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2023-12-18T13:40:25.123000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.netscout.com/pages/default.aspx"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-004266"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-264",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-36826"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-004266"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-6701"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "http://osvdb.org/46195"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/30514"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/493171/100/0/threaded"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42938"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-6701"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-6701"
          },
          {
            "trust": 0.6,
            "url": "http://xforce.iss.net/xforce/xfdb/42938"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/archive/1/archive/1/493171/100/0/threaded"
          },
          {
            "trust": 0.3,
            "url": "http://www.netscout.com/products/administrator.asp"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/493171"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/19035/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://archives.neohapsis.com/archives/bugtraq/2008-06/0068.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_specialist/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/19033/"
          },
          {
            "trust": 0.1,
            "url": "http://corporate.secunia.com/about_secunia/64/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/30514/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-36826"
          },
          {
            "db": "BID",
            "id": "29590"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-004266"
          },
          {
            "db": "PACKETSTORM",
            "id": "67204"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-6701"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200904-234"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-36826"
          },
          {
            "db": "BID",
            "id": "29590"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-004266"
          },
          {
            "db": "PACKETSTORM",
            "id": "67204"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-6701"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200904-234"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2009-04-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-36826"
          },
          {
            "date": "2008-06-06T00:00:00",
            "db": "BID",
            "id": "29590"
          },
          {
            "date": "2012-09-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2009-004266"
          },
          {
            "date": "2008-06-11T22:00:21",
            "db": "PACKETSTORM",
            "id": "67204"
          },
          {
            "date": "2009-04-10T22:00:00.547000",
            "db": "NVD",
            "id": "CVE-2008-6701"
          },
          {
            "date": "2009-04-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200904-234"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-10-11T00:00:00",
            "db": "VULHUB",
            "id": "VHN-36826"
          },
          {
            "date": "2008-06-06T00:00:00",
            "db": "BID",
            "id": "29590"
          },
          {
            "date": "2012-09-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2009-004266"
          },
          {
            "date": "2018-10-11T20:57:37.420000",
            "db": "NVD",
            "id": "CVE-2008-6701"
          },
          {
            "date": "2009-04-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200904-234"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200904-234"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "NetScout Visualizer Vulnerabilities that can obtain administrator privileges",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-004266"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "permissions and access control",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200904-234"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202301-2035

    Vulnerability from variot - Updated: 2023-12-18 13:31

    An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 2 of 6

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202301-2035",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ngeniusone",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netscout",
            "version": "6.3.2"
          },
          {
            "model": "ngeniusone",
            "scope": null,
            "trust": 0.8,
            "vendor": "netscout",
            "version": null
          },
          {
            "model": "ngeniusone",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netscout",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002618"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44025"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:netscout:ngeniusone:6.3.2:build904:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-44025"
          }
        ]
      },
      "cve": "CVE-2022-44025",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.1,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "CVE-2022-44025",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2022-44025",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202301-2148",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002618"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44025"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2148"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 2 of 6",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-44025"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002618"
          },
          {
            "db": "VULHUB",
            "id": "VHN-441211"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-44025"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-44025",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002618",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2148",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-441211",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-44025",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-441211"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-44025"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002618"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44025"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2148"
          }
        ]
      },
      "id": "VAR-202301-2035",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-441211"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2023-12-18T13:31:45.220000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "CVE-2022-44025",
            "trust": 0.8,
            "url": "https://www.netscout.com/securityadvisories"
          },
          {
            "title": "NetScout nGeniusONE Fixes for cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=223867"
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/live-hack-cve/cve-2022-44025 "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2022-44025"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002618"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2148"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.1
          },
          {
            "problemtype": "Cross-site scripting (CWE-79) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-441211"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002618"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44025"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.netscout.com/securityadvisories"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-44025"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-44025/"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/live-hack-cve/cve-2022-44025"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-441211"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-44025"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002618"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44025"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2148"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-441211"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-44025"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002618"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-44025"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2148"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-01-27T00:00:00",
            "db": "VULHUB",
            "id": "VHN-441211"
          },
          {
            "date": "2023-01-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-44025"
          },
          {
            "date": "2023-07-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2023-002618"
          },
          {
            "date": "2023-01-27T14:15:09.100000",
            "db": "NVD",
            "id": "CVE-2022-44025"
          },
          {
            "date": "2023-01-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202301-2148"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-02-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-441211"
          },
          {
            "date": "2023-01-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-44025"
          },
          {
            "date": "2023-07-21T08:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2023-002618"
          },
          {
            "date": "2023-02-03T19:52:21.687000",
            "db": "NVD",
            "id": "CVE-2022-44025"
          },
          {
            "date": "2023-02-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202301-2148"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2148"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "NetScout\u00a0nGeniusONE\u00a0 Cross-site scripting vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002618"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-2148"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202109-0867

    Vulnerability from variot - Updated: 2023-12-18 13:27

    NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Authorization Bypass (to access an endpoint) in FDSQueryService. NETSCOUT Systems nGeniusONE Contains a vulnerability in improper permission assignment for critical resources.Information may be tampered with. nGeniusONE is a service assurance solution from NETSCOUT that provides complete visibility into infrastructure, interdependencies and applications. An attacker could exploit this vulnerability to gain unauthorized access to the endpoint

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202109-0867",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ngeniusone",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netscout",
            "version": "6.3.0"
          },
          {
            "model": "ngeniusone",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netscout",
            "version": null
          },
          {
            "model": "ngeniusone",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netscout",
            "version": "6.3.0 build 1196"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-012638"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-35202"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:netscout:ngeniusone:6.3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-35202"
          }
        ]
      },
      "cve": "CVE-2021-35202",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.3,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2021-35202",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "VHN-395481",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.8,
                "impactScore": 1.4,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.3,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2021-35202",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2021-35202",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202109-1988",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-395481",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2021-35202",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-395481"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-35202"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-012638"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-35202"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202109-1988"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Authorization Bypass (to access an endpoint) in FDSQueryService. NETSCOUT Systems nGeniusONE Contains a vulnerability in improper permission assignment for critical resources.Information may be tampered with. nGeniusONE is a service assurance solution from NETSCOUT that provides complete visibility into infrastructure, interdependencies and applications. An attacker could exploit this vulnerability to gain unauthorized access to the endpoint",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-35202"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-012638"
          },
          {
            "db": "VULHUB",
            "id": "VHN-395481"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-35202"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-35202",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-012638",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202109-1988",
            "trust": 0.6
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-101545",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-395481",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-35202",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-395481"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-35202"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-012638"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-35202"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202109-1988"
          }
        ]
      },
      "id": "VAR-202109-0867",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-395481"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2023-12-18T13:27:34.631000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Insecure\u00a0Permissions",
            "trust": 0.8,
            "url": "https://www.netscout.com/securityadvisories"
          },
          {
            "title": "Netscout NgeniusOne Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=164588"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-012638"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202109-1988"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-732",
            "trust": 1.1
          },
          {
            "problemtype": "Improper permission assignment for critical resources (CWE-732) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-395481"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-012638"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-35202"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.netscout.com/securityadvisories"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-35202"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/863.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-395481"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-35202"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-012638"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-35202"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202109-1988"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-395481"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-35202"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-012638"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-35202"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202109-1988"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-395481"
          },
          {
            "date": "2021-09-30T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-35202"
          },
          {
            "date": "2022-09-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-012638"
          },
          {
            "date": "2021-09-30T18:15:07.770000",
            "db": "NVD",
            "id": "CVE-2021-35202"
          },
          {
            "date": "2021-09-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202109-1988"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-07-12T00:00:00",
            "db": "VULHUB",
            "id": "VHN-395481"
          },
          {
            "date": "2021-10-04T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-35202"
          },
          {
            "date": "2022-09-05T02:53:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-012638"
          },
          {
            "date": "2022-07-12T17:42:04.277000",
            "db": "NVD",
            "id": "CVE-2021-35202"
          },
          {
            "date": "2022-07-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202109-1988"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202109-1988"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "NETSCOUT\u00a0Systems\u00a0nGeniusONE\u00a0 Vulnerability in improper permission assignment for critical resources in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-012638"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202109-1988"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202206-0060

    Vulnerability from variot - Updated: 2023-12-18 13:27

    NetScout nGeniusONE 6.3.2 allows Java RMI Code Execution. netscout of nGeniusONE Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202206-0060",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ngeniusone",
            "scope": "eq",
            "trust": 1.8,
            "vendor": "netscout",
            "version": "6.3.2"
          },
          {
            "model": "ngeniusone",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netscout",
            "version": null
          },
          {
            "model": "ngeniusone",
            "scope": null,
            "trust": 0.8,
            "vendor": "netscout",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-010949"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45983"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:netscout:ngeniusone:6.3.2:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-45983"
          }
        ]
      },
      "cve": "CVE-2021-45983",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2021-45983",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-410695",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-45983",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2021-45983",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202206-402",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-410695",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-410695"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-010949"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45983"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-402"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "NetScout nGeniusONE 6.3.2 allows Java RMI Code Execution. netscout of nGeniusONE Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-45983"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-010949"
          },
          {
            "db": "VULHUB",
            "id": "VHN-410695"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45983"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-45983",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-010949",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-402",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-410695",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45983",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-410695"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45983"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-010949"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45983"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-402"
          }
        ]
      },
      "id": "VAR-202206-0060",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-410695"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2023-12-18T13:27:13.439000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "NetScout nGeniusONE Fixes for code injection vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=198077"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-402"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
            "trust": 0.8
          },
          {
            "problemtype": "CWE-94",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-410695"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-010949"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45983"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.6,
            "url": "https://netscout.com"
          },
          {
            "trust": 2.6,
            "url": "https://www.netscout.com/securityadvisories"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45983"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2021-45983/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-410695"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45983"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-010949"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45983"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-402"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-410695"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45983"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-010949"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45983"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-402"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-06-02T00:00:00",
            "db": "VULHUB",
            "id": "VHN-410695"
          },
          {
            "date": "2022-06-02T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45983"
          },
          {
            "date": "2023-08-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-010949"
          },
          {
            "date": "2022-06-02T18:15:08.357000",
            "db": "NVD",
            "id": "CVE-2021-45983"
          },
          {
            "date": "2022-06-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202206-402"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-06-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-410695"
          },
          {
            "date": "2022-06-02T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45983"
          },
          {
            "date": "2023-08-17T08:36:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-010949"
          },
          {
            "date": "2023-08-08T14:22:24.967000",
            "db": "NVD",
            "id": "CVE-2021-45983"
          },
          {
            "date": "2022-06-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202206-402"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-402"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "netscout\u00a0 of \u00a0nGeniusONE\u00a0 Vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-010949"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "code injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-402"
          }
        ],
        "trust": 0.6
      }
    }