CVE-2021-45981: Security Advisories | NETSCOUT

NetScout nGeniusONE 6.3.2 allows an XML External Entity (XXE) attack.


NETSCOUT Security

CVE-2021-45981

CVE: CVE-2021-45981
Title: XML External Entity (XXE)
Version: 6.3.2
Severity: Base

Summary

NETSCOUT Systems nGeniusONE version 6.3.2 build 904 allows XML External Entity (XXE) attacks. Attack complexity is high, privileges required are none, user interaction is required, and scope is unchanged.

NetScout Systems would like to acknowledge Lukasz Plonka for reporting CVE-2021-45981 to [email protected].

Fixed Software

Customers should install patch 6.3.2 P12 to eliminate this vulnerability. The patch is available on the My NETSCOUT account page or may be obtained by contacting NETSCOUT support at 1-800-708-4784. Please note that all future versions include this fix.

[email protected]

CVE-2021-45982

CVE: CVE-2021-45982
Title: Arbitrary File Upload
Version: 6.3.2
Severity: Base

Summary

NETSCOUT Systems nGeniusONE version 6.3.2 build 904 has an Arbitrary File Upload vulnerability. Attack complexity is high, privileges required are low, user interaction is required, and scope is unchanged.

NetScout Systems would like to acknowledge Lukasz Plonka for reporting CVE-2021-45982 to [email protected].

Fixed Software

Customers should install patch 6.3.2 P10 to eliminate this vulnerability. The patch is available on the My NETSCOUT account page or may be obtained by contacting NETSCOUT support at 1-800-708-4784. Please note that all future versions include this fix.

CVE-2021-45983

CVE: CVE-2021-45983
Title: Java RMI Remote Code Execution
Version: 6.3.2
Severity: Base

Summary

NETSCOUT Systems nGeniusONE version 6.3.2 build 904 allows Java RMI code execution attacks. Attack complexity is high, privileges required are none, user interaction is required, and scope is unchanged.

NetScout Systems would like to acknowledge Lukasz Plonka for reporting CVE-2021-45982 to [email protected].

Fixed Software

Customers should install patch 6.3.2 P12 to eliminate this vulnerability. The patch is available on the My NETSCOUT account page or may be obtained by contacting NETSCOUT support at 1-800-708-4784. Please note that all future versions include this fix.

CVE-2021-35205

CVE: CVE-2021-35205
Title: Open Redirection
Severity: Medium
Published: 09/30/2021
Updated: 10/04/2021

Summary

NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 allows URL redirection in the redirector. Attack complexity is low, privileges required are low, user interaction is required, and scope is unchanged.

Fixed Software

Customers should request patch 6.3.2 FCS B426 to eliminate this vulnerability. It is available on the My NETSCOUT page or may be obtained by contacting NETSCOUT support at 1-800-708-4784. Please note that all future versions include this fix.

CVE-2021-35204

CVE: CVE-2021-35204
Title: Cross-Site Scripting (XSS)
Severity: Medium
Published: 09/30/2021
Updated: 10/04/2021

Summary

NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 allows reflected Cross-Site Scripting (XSS) in the support endpoint. Attack complexity is low, privileges required are low, user interaction is required, and scope is unchanged. The victim has to click on the provided URL.

Fixed Software

Customers should request patch 6.3.0 P6 B1413 to eliminate this vulnerability. It is available on the My NETSCOUT page or may be obtained by contacting NETSCOUT support at 1-800-708-4784. Please note that all future versions include this fix.

CVE-2021-35203

CVE: CVE-2021-35203
Title: Incorrect Access Control
Severity: Medium
Published: 09/30/2021
Updated: 10/04/2021

Summary

NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 allows arbitrary file read operations via the FDSQueryService endpoint. The attacker needs to send a specially crafted request whose parameter names the file to read. Attack complexity is low, privileges required are low, user interaction is required, and scope is unchanged.

Fixed Software

Customers should request patch 6.3.0 P6 B1413 to eliminate this vulnerability. It is available on the My NETSCOUT page or may be obtained by contacting NETSCOUT support at 1-800-708-4784. Please note that all future versions include this fix.

CVE-2021-35202

CVE: CVE-2021-35202
Title: Insecure Permissions
Severity: Medium
Published: 09/30/2021
Updated: 10/04/2021

Summary

NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 allows authorization bypass (to access an endpoint) in FDSQueryService: the attacker can reach endpoints that are supposed to be restricted. Attack complexity is low, user interaction is required, and scope is unchanged.

Fixed Software

Customers should request patch 6.3.0 P6 B1413 to eliminate this vulnerability. It is available on the My NETSCOUT page or may be obtained by contacting NETSCOUT support at 1-800-708-4784. Please note that all future versions include this fix.

CVE-2021-35201

CVE: CVE-2021-35201
Title: XML External Entity (XXE)
Severity: Medium
Published: 09/30/2021
Updated: 10/04/2021

Summary

NETSCOUT Systems NEI in nGeniusONE version 6.3.0 build 1196 allows XML External Entity (XXE) attacks. Attack complexity is high, privileges required are none, user interaction is required, and scope is unchanged.

Fixed Software

Customers should request patch 6.3.0 P4 B1406 to eliminate this vulnerability. It is available on the My NETSCOUT page or may be obtained by contacting NETSCOUT support at 1-800-708-4784. Please note that all future versions include this fix.

CVE-2021-35200

CVE: CVE-2021-35200
Title: Stored Cross-Site Scripting (XSS)
Severity: Medium
Published: 09/30/2021
Updated: 10/04/2021

Summary

NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 has a stored cross-site scripting vulnerability in FDSQueryService that a high-privileged user can exploit. Exploitation requires a user with high privileges. Attack complexity is high, and scope is unchanged.

Fixed Software

Customers should request patch 6.3.0 P5 B1411 to eliminate this vulnerability. It is available on the My NETSCOUT page or may be obtained by contacting NETSCOUT support at 1-800-708-4784. Please note that all future versions include this fix.

CVE-2021-35199

CVE: CVE-2021-35199
Title: Stored Cross-Site Scripting (XSS) in UploadFile
Severity: Medium
Published: 09/30/2021
Updated: 10/04/2021

Summary

NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 and earlier has a stored cross-site scripting vulnerability in the Packet Analysis module's Upload File function that a normal user can exploit. Exploitation requires a little crypto knowledge. The vulnerability exists in the upload functionality.

Fixed Software

Customers should request patch 6.3.0 P5 B1411 to eliminate this vulnerability. It is available on the My NETSCOUT page or may be obtained by contacting NETSCOUT support at 1-800-708-4784. Please note that all future versions include this fix.

CVE-2021-35198

CVE: CVE-2021-35198
Title: Stored Cross-Site Scripting (XSS) in the Packet Analysis module
Severity: Medium
Published: 09/30/2021
Updated: 10/04/2021

Summary

NETSCOUT Systems nGeniusONE version 6.3.0 build 1004 and earlier has a stored cross-site scripting vulnerability that a normal user can exploit. The victim would need to visit a certain function in the packet module for the stored XSS to execute.

Fixed Software

Customers should request patch 6.3.0 P5 B1411 to eliminate this vulnerability. It is available on the My NETSCOUT page or may be obtained by contacting NETSCOUT support at 1-800-708-4784. Please note that all future versions include this fix.

CVE-2020-28251

CVE: CVE-2020-28251
Title: Escalated Privileges Vulnerability on AirMagnet Enterprise Sensors
Severity: High
Published: 2020 December 03
Updated: 2020 December 07

Summary

NETSCOUT Systems AirMagnet Enterprise version 11.1.4 build 37257 and earlier has an escalated privileges vulnerability in its sensors: someone with administrative access to a sensor can use those credentials to invoke a command that provides root access to the operating system. The attacker must first complete a straightforward password-cracking exercise.

The affected product models are:

  • SENSOR6-R1S0W1-E
  • SENSOR6-R2S1-E
  • SENSOR6-R2S1-I
  • SENSOR4-R1S1W1-E
  • SENSOR4-R2S1-E
  • SENSOR4-R2S1-I

Fixed Software

A software upgrade to AirMagnet Enterprise version 11.1.4 build 37271 eliminates this vulnerability. It is available on My NETSCOUT accounts on the AirMagnet Enterprise Downloads page or may be obtained by contacting AirMagnet support at 1-800-708-4784.
