netscout ngeniuspulse CVE-2023-40300 is a vulnerability in Netscout Ngeniuspulse
Published on December 7, 2023

NETSCOUT nGeniusPULSE 3.8 has a Hardcoded Cryptographic Key.

Vendor Advisory NVD

Vulnerability Analysis

CVE-2023-40300 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulnerability has a high impact to the confidentiality, integrity and availability of this component.

Use of Hard-coded Credentials

The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.


Products Associated with CVE-2023-40300

You can be notified by stack.watch whenever vulnerabilities like CVE-2023-40300 are published in these products:

Netscout Ngeniuspulse
 

What versions of Ngeniuspulse are vulnerable to CVE-2023-40300?