Gigamon: >> Gigavue-Os Security Vulnerabilities
The help page in GigaVUE-FM, when using GigaVUE-OS software version 5.0 202, does not require an authenticated user. An attacker could enforce a user into inserting malicious JavaScript code into the URI, that could lead to a Reflected Cross site Scripting.
CVSS Score
6.3
EPSS Score
0.001
Published
2023-03-10
GigaVUE-OS (GVOS) 5.4 - 5.9 stores a Redis database password in plaintext.
CVSS Score
4.7
EPSS Score
0.001
Published
2021-01-05
GigaVUE-OS (GVOS) 5.4 - 5.9 uses a weak algorithm for a hash stored in internal database.
CVSS Score
2.3
EPSS Score
0.0
Published
2021-01-05