CVE Vulnerability

CVE-2022-44717

An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 1 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. The attack vector is Network, and the Attack Complexity required is High. Privileges required are administrator, User Interaction is required, and Scope is unchanged. The user must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host.

3.1 /10

CVSS v3.0 : LOW

V3 Legend

Vector :

Exploitability : 0.5 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://www.netscout.com/securityadvisories Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:netscout:ngeniusone:6.3.2:build904:*:*:*:*:*:*
Information

Published : 2023-01-27 02:15

Updated : 2023-02-07 07:21

NVD link : CVE-2022-44717

Mitre link : CVE-2022-44717

Products Affected

Netscout

Ngeniusone

CWE
CWE-601

URL Redirection to Untrusted Site ('Open Redirect')