VYPR
Vendor

Gigamon

Products
1
CVEs
5
Across products
5
Status
Private

Products

1

Recent CVEs

5
  • CVE-2023-0746MedMar 10, 2023
    risk 0.41cvss 6.3epss 0.00

    The help page in GigaVUE-FM, when using GigaVUE-OS software version 5.0 202, does not require an authenticated user. An attacker could enforce a user into inserting malicious JavaScript code into the URI, that could lead to a Reflected Cross site Scripting.

  • CVE-2020-12252MedApr 29, 2020
    risk 0.40cvss 6.2epss 0.02

    An issue was discovered in Gigamon GigaVUE 5.5.01.11. The upload functionality allows an arbitrary file upload for an authenticated user. If an executable file is uploaded into the www-root directory, then it could yield remote code execution via the filename parameter.

  • CVE-2020-23249MedJan 5, 2021
    risk 0.31cvss 4.7epss 0.00

    GigaVUE-OS (GVOS) 5.4 - 5.9 stores a Redis database password in plaintext.

  • CVE-2020-23250LowJan 5, 2021
    risk 0.15cvss 2.3epss 0.00

    GigaVUE-OS (GVOS) 5.4 - 5.9 uses a weak algorithm for a hash stored in internal database.

  • CVE-2020-12251LowApr 29, 2020
    risk 0.14cvss 2.2epss 0.01

    An issue was discovered in Gigamon GigaVUE 5.5.01.11. The upload functionality allows an authenticated user to change the filename value (in the POST method) from the original filename to achieve directory traversal via a ../ sequence and, for example, obtain a complete…