CVE-2023-41172

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Dec 7, 2023

Updated: Dec 12, 2023

CWE ID 79

Summary

CVE-2023-41172 is a newly disclosed vulnerability affecting NetScout's nGeniusONE 6.3.4 build 2298. This issue permits an attacker to inject malicious scripts into a targeted user's web browser via a stored Cross-Site Scripting (XSS) attack. Successful exploitation could result in the theft of sensitive data or unauthorized access to the affected user's account. The vulnerability is one of four identified in the system, and users are urged to update their software as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

NetScout Systems Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/scJwyl
https://www.cve.org/CVERecord?id=CVE-2023-41172
https://nvd.nist.gov/vuln/detail/CVE-2023-41172

Back to Vulnerability Database

CVE-2023-41172

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations