Sign-up

ID

VAR-202301-2303


CVE

CVE-2022-44718


TITLE

NetScout nGeniusONE  Open redirect vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2023-002965

DESCRIPTION

An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 2 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. The attack vector is Network, and the Attack Complexity required is High. Privileges required are administrator, User Interaction is required, and Scope is unchanged. The user must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. NetScout nGeniusONE Exists in an open redirect vulnerability.Information may be obtained and information may be tampered with

Trust: 1.8

sources: NVD: CVE-2022-44718 // JVNDB: JVNDB-2023-002965 // VULHUB: VHN-442207 // VULMON: CVE-2022-44718

AFFECTED PRODUCTS

vendor:netscoutmodel:ngeniusonescope:eqversion:6.3.2

Trust: 1.0

vendor:netscoutmodel:ngeniusonescope:eqversion: -

Trust: 0.8

vendor:netscoutmodel:ngeniusonescope:eqversion:6.3.2 build 904

Trust: 0.8

sources: JVNDB: JVNDB-2023-002965 // NVD: CVE-2022-44718

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-44718
value: LOW

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2022-44718
value: LOW

Trust: 1.0

NVD: CVE-2022-44718
value: LOW

Trust: 0.8

CNNVD: CNNVD-202301-2142
value: LOW

Trust: 0.6

nvd@nist.gov: CVE-2022-44718
baseSeverity: LOW
baseScore: 3.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 0.9
impactScore: 2.5
version: 3.1

Trust: 2.0

NVD: CVE-2022-44718
baseSeverity: LOW
baseScore: 3.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2023-002965 // CNNVD: CNNVD-202301-2142 // NVD: CVE-2022-44718 // NVD: CVE-2022-44718

PROBLEMTYPE DATA

problemtype:CWE-601

Trust: 1.1

problemtype:Open redirect (CWE-601) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-442207 // JVNDB: JVNDB-2023-002965 // NVD: CVE-2022-44718

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202301-2142

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202301-2142

PATCH

title:CVE-2022-44718url:https://www.netscout.com/securityadvisories

Trust: 0.8

title:NetScout nGeniusONE Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=223107

Trust: 0.6

title: - url:https://github.com/Live-Hack-CVE/CVE-2022-44718

Trust: 0.1

sources: VULMON: CVE-2022-44718 // JVNDB: JVNDB-2023-002965 // CNNVD: CNNVD-202301-2142

EXTERNAL IDS

db:NVDid:CVE-2022-44718

Trust: 3.4

db:JVNDBid:JVNDB-2023-002965

Trust: 0.8

db:CNNVDid:CNNVD-202301-2142

Trust: 0.6

db:VULHUBid:VHN-442207

Trust: 0.1

db:VULMONid:CVE-2022-44718

Trust: 0.1

sources: VULHUB: VHN-442207 // VULMON: CVE-2022-44718 // JVNDB: JVNDB-2023-002965 // CNNVD: CNNVD-202301-2142 // NVD: CVE-2022-44718

REFERENCES

url:https://www.netscout.com/securityadvisories

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-44718

Trust: 1.4

url:https://cxsecurity.com/cveshow/cve-2022-44718/

Trust: 0.6

url:https://github.com/live-hack-cve/cve-2022-44718

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-442207 // VULMON: CVE-2022-44718 // JVNDB: JVNDB-2023-002965 // CNNVD: CNNVD-202301-2142 // NVD: CVE-2022-44718

SOURCES

db:VULHUBid:VHN-442207
db:VULMONid:CVE-2022-44718
db:JVNDBid:JVNDB-2023-002965
db:CNNVDid:CNNVD-202301-2142
db:NVDid:CVE-2022-44718

LAST UPDATE DATE

2025-03-28T23:20:53.177000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-442207date:2023-02-07T00:00:00
db:VULMONid:CVE-2022-44718date:2023-01-27T00:00:00
db:JVNDBid:JVNDB-2023-002965date:2023-08-28T04:59:00
db:CNNVDid:CNNVD-202301-2142date:2023-02-08T00:00:00
db:NVDid:CVE-2022-44718date:2025-03-28T16:15:21.190

SOURCES RELEASE DATE

db:VULHUBid:VHN-442207date:2023-01-27T00:00:00
db:VULMONid:CVE-2022-44718date:2023-01-27T00:00:00
db:JVNDBid:JVNDB-2023-002965date:2023-08-28T00:00:00
db:CNNVDid:CNNVD-202301-2142date:2023-01-27T00:00:00
db:NVDid:CVE-2022-44718date:2023-01-27T14:15:11.347