PT-2022-12482 · Netscout · Netscout Ngeniusone
Lukasz Plonka
·
Published
2022-06-02
·
Updated
2022-06-13
·
CVE-2021-45981
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
NetScout nGeniusONE version 6.3.2
Description
The issue allows an XML External Entity (XXE) attack. This type of attack occurs when an application parses XML input that contains an external entity, allowing an attacker to access local or remote resources.
Recommendations
For NetScout nGeniusONE version 6.3.2, consider disabling XML parsing or restricting the use of external entities to minimize the risk of exploitation until a patch is available.
Fix
XXE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Netscout Ngeniusone