Security Vulnerabilities - CVEs Published In September 2021
NETSCOUT nGeniusONE 6.3.0 build 1004 and earlier allows Stored Cross-Site Scripting (XSS) in the Packet Analysis module.
CVSS Score
5.4
EPSS Score
0.005
Published
2021-09-30
NETSCOUT nGeniusONE 6.3.0 build 1196 and earlier allows Stored Cross-Site Scripting (XSS) in UploadFile.
CVSS Score
5.4
EPSS Score
0.005
Published
2021-09-30
NETSCOUT nGeniusONE 6.3.0 build 1196 allows high-privileged users to achieve Stored Cross-Site Scripting (XSS) in FDSQueryService.
CVSS Score
4.8
EPSS Score
0.005
Published
2021-09-30
NEI in NETSCOUT nGeniusONE 6.3.0 build 1196 allows XML External Entity (XXE) attacks.
CVSS Score
6.5
EPSS Score
0.003
Published
2021-09-30
NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Authorization Bypass (to access an endpoint) in FDSQueryService.
CVSS Score
4.3
EPSS Score
0.002
Published
2021-09-30
NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Arbitrary File Read operations via the FDSQueryService endpoint.
CVSS Score
5.7
EPSS Score
0.003
Published
2021-09-30
NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Reflected Cross-Site Scripting (XSS) in the support endpoint.
CVSS Score
5.4
EPSS Score
0.005
Published
2021-09-30
NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 allows URL redirection in redirector.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-09-30
libiec_iccp_mod v1.5 contains a heap-buffer-overflow in the component mms_client_example1.c.
CVSS Score
6.5
EPSS Score
0.002
Published
2021-09-30
libiec_iccp_mod v1.5 contains a heap-buffer-overflow in the component mms_client_connection.c.
CVSS Score
6.5
EPSS Score
0.002
Published
2021-09-30