U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): GigaVUE
  • Search Type: Search All
  • CPE Name Search: false
There are 5 matching records.
Displaying matches 1 through 5.
Vuln ID Summary CVSS Severity

The help page in GigaVUE-FM, when using GigaVUE-OS software version 5.0 202, does not require an authenticated user. An attacker could enforce a user into inserting malicious JavaScript code into the URI, that could lead to a Reflected Cross site Scripting.

Published: March 10, 2023; 11:15:10 AM -0500
V3.1: 6.1 MEDIUM
V2.0:(not available)

GigaVUE-OS (GVOS) 5.4 - 5.9 uses a weak algorithm for a hash stored in internal database.

Published: January 05, 2021; 5:15:13 PM -0500
V3.1: 2.3 LOW
V2.0: 2.1 LOW

GigaVUE-OS (GVOS) 5.4 - 5.9 stores a Redis database password in plaintext.

Published: January 05, 2021; 5:15:13 PM -0500
V3.1: 4.7 MEDIUM
V2.0: 4.0 MEDIUM

An issue was discovered in Gigamon GigaVUE The upload functionality allows an arbitrary file upload for an authenticated user. If an executable file is uploaded into the www-root directory, then it could yield remote code execution via the filename parameter.

Published: April 29, 2020; 10:15:19 AM -0400
V3.1: 6.2 MEDIUM
V2.0: 6.0 MEDIUM

An issue was discovered in Gigamon GigaVUE The upload functionality allows an authenticated user to change the filename value (in the POST method) from the original filename to achieve directory traversal via a ../ sequence and, for example, obtain a complete directory listing of the machine.

Published: April 29, 2020; 10:15:18 AM -0400
V3.1: 2.2 LOW
V2.0: 3.5 LOW