Sign-up

ID

VAR-202301-2051


CVE

CVE-2022-44717


TITLE

NetScout nGeniusONE  Open redirect vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2023-002967

DESCRIPTION

An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 1 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. The attack vector is Network, and the Attack Complexity required is High. Privileges required are administrator, User Interaction is required, and Scope is unchanged. The user must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. NetScout nGeniusONE Exists in an open redirect vulnerability.Information may be obtained and information may be tampered with

Trust: 1.8

sources: NVD: CVE-2022-44717 // JVNDB: JVNDB-2023-002967 // VULHUB: VHN-442205 // VULMON: CVE-2022-44717

AFFECTED PRODUCTS

vendor:netscoutmodel:ngeniusonescope:eqversion:6.3.2

Trust: 1.0

vendor:netscoutmodel:ngeniusonescope:eqversion: -

Trust: 0.8

vendor:netscoutmodel:ngeniusonescope:eqversion:6.3.2 build 904

Trust: 0.8

sources: JVNDB: JVNDB-2023-002967 // NVD: CVE-2022-44717

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-44717
value: LOW

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2022-44717
value: LOW

Trust: 1.0

NVD: CVE-2022-44717
value: LOW

Trust: 0.8

CNNVD: CNNVD-202301-2141
value: LOW

Trust: 0.6

nvd@nist.gov: CVE-2022-44717
baseSeverity: LOW
baseScore: 3.1
vectorString: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: HIGH
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 0.5
impactScore: 2.5
version: 3.1

Trust: 2.0

NVD: CVE-2022-44717
baseSeverity: LOW
baseScore: 3.1
vectorString: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: HIGH
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2023-002967 // CNNVD: CNNVD-202301-2141 // NVD: CVE-2022-44717 // NVD: CVE-2022-44717

PROBLEMTYPE DATA

problemtype:CWE-601

Trust: 1.1

problemtype:Open redirect (CWE-601) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-442205 // JVNDB: JVNDB-2023-002967 // NVD: CVE-2022-44717

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202301-2141

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202301-2141

PATCH

title:CVE-2022-44717url:https://www.netscout.com/securityadvisories

Trust: 0.8

title:NetScout nGeniusONE Enter the fix for the verification error vulnerabilityurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=224217

Trust: 0.6

title: - url:https://github.com/Live-Hack-CVE/CVE-2022-44717

Trust: 0.1

sources: VULMON: CVE-2022-44717 // JVNDB: JVNDB-2023-002967 // CNNVD: CNNVD-202301-2141

EXTERNAL IDS

db:NVDid:CVE-2022-44717

Trust: 3.4

db:JVNDBid:JVNDB-2023-002967

Trust: 0.8

db:CNNVDid:CNNVD-202301-2141

Trust: 0.6

db:VULHUBid:VHN-442205

Trust: 0.1

db:VULMONid:CVE-2022-44717

Trust: 0.1

sources: VULHUB: VHN-442205 // VULMON: CVE-2022-44717 // JVNDB: JVNDB-2023-002967 // CNNVD: CNNVD-202301-2141 // NVD: CVE-2022-44717

REFERENCES

url:https://www.netscout.com/securityadvisories

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-44717

Trust: 1.4

url:https://cxsecurity.com/cveshow/cve-2022-44717/

Trust: 0.6

url:https://github.com/live-hack-cve/cve-2022-44717

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-442205 // VULMON: CVE-2022-44717 // JVNDB: JVNDB-2023-002967 // CNNVD: CNNVD-202301-2141 // NVD: CVE-2022-44717

SOURCES

db:VULHUBid:VHN-442205
db:VULMONid:CVE-2022-44717
db:JVNDBid:JVNDB-2023-002967
db:CNNVDid:CNNVD-202301-2141
db:NVDid:CVE-2022-44717

LAST UPDATE DATE

2025-03-28T23:20:53.216000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-442205date:2023-02-07T00:00:00
db:VULMONid:CVE-2022-44717date:2023-01-27T00:00:00
db:JVNDBid:JVNDB-2023-002967date:2023-08-28T05:03:00
db:CNNVDid:CNNVD-202301-2141date:2023-02-08T00:00:00
db:NVDid:CVE-2022-44717date:2025-03-28T16:15:21.010

SOURCES RELEASE DATE

db:VULHUBid:VHN-442205date:2023-01-27T00:00:00
db:VULMONid:CVE-2022-44717date:2023-01-27T00:00:00
db:JVNDBid:JVNDB-2023-002967date:2023-08-28T00:00:00
db:CNNVDid:CNNVD-202301-2141date:2023-01-27T00:00:00
db:NVDid:CVE-2022-44717date:2023-01-27T14:15:11.293