Skip to main content

Gigavue Os

2 CVEs product

Monthly

CVE-2026-36848 HIGH This Week

Path traversal in the H-VUE web management subsystem of Gigamon GigaVUE-OS (GVOS) versions 5.16.1 and earlier allows remote attackers to read arbitrary files outside the intended web root, exposing sensitive system data. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N) indicates network-reachable, low-complexity, unauthenticated exploitation with high confidentiality impact but no integrity or availability effect. A researcher GitHub repository tracking this CVE suggests proof-of-concept material may exist, but there is no public exploit explicitly confirmed and no CISA KEV listing at time of analysis.

Path Traversal Gigavue Os
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-0746 MEDIUM This Month

The help page in GigaVUE-FM, when using GigaVUE-OS software version 5.0 202, does not require an authenticated user. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Gigavue Os
NVD
CVSS 3.1
6.1
EPSS
0.4%
EPSS 1% CVSS 7.5
HIGH This Week

Path traversal in the H-VUE web management subsystem of Gigamon GigaVUE-OS (GVOS) versions 5.16.1 and earlier allows remote attackers to read arbitrary files outside the intended web root, exposing sensitive system data. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N) indicates network-reachable, low-complexity, unauthenticated exploitation with high confidentiality impact but no integrity or availability effect. A researcher GitHub repository tracking this CVE suggests proof-of-concept material may exist, but there is no public exploit explicitly confirmed and no CISA KEV listing at time of analysis.

Path Traversal Gigavue Os
NVD GitHub VulDB
EPSS 0% CVSS 6.1
MEDIUM This Month

The help page in GigaVUE-FM, when using GigaVUE-OS software version 5.0 202, does not require an authenticated user. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Gigavue Os
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy