CVE-2023-40300 is a vulnerability in Netscout Ngeniuspulse
Published on December 7, 2023
NETSCOUT nGeniusPULSE 3.8 has a Hardcoded Cryptographic Key.
Vulnerability Analysis
CVE-2023-40300 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulnerability has a high impact to the confidentiality, integrity and availability of this component.
Use of Hard-coded Credentials
The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
Products Associated with CVE-2023-40300
You can be notified by stack.watch whenever vulnerabilities like CVE-2023-40300 are published in these products:
What versions of Ngeniuspulse are vulnerable to CVE-2023-40300?
- Netscout Ngeniuspulse Version 3.8.0-0.2349.0