CVE-2022-44717 — LOW (3.1) — White Hats Nepal

Vulnerability Description

An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 1 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. The attack vector is Network, and the Attack Complexity required is High. Privileges required are administrator, User Interaction is required, and Scope is unchanged. The user must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host.

CVSS Score

3.1

LOW

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Netscout	Ngeniusone	6.3.2

Related Weaknesses (CWE)

CWE-601

References

https://www.netscout.com/securityadvisoriesVendor Advisory
https://www.netscout.com/securityadvisoriesVendor Advisory

FAQ

What is CVE-2022-44717?

CVE-2022-44717 is a vulnerability with a CVSS score of 3.1 (LOW). An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 1 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted ...

How severe is CVE-2022-44717?

CVE-2022-44717 has been rated LOW with a CVSS base score of 3.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-44717?

Check the references section above for vendor advisories and patch information. Affected products include: Netscout Ngeniusone.