Known Vulnerabilities for products from Infoblox
Listed below are 15 of the newest known vulnerabilities associated with the vendor "Infoblox".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-37249 json | Infoblox NIOS through 8.5.1 has a faulty component that accepts malicious input without sanitization, resulting in shell acce... | 8.8 - HIGH | 2023-08-25 | 2023-08-31 |
| CVE-2022-32972 json | Infoblox BloxOne Endpoint for Windows through 2.2.7 allows DLL injection that can result in local privilege escalation. | 7.8 - HIGH | 2023-02-17 | 2023-02-25 |
| CVE-2022-28975 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.4 - MEDIUM | 2024-01-09 | 2024-01-12 |
| CVE-2020-15303 json | Infoblox NIOS before 8.5.2 allows entity expansion during an XML upload operation, a related issue to CVE-2003-1564. | 6.5 - MEDIUM | 2021-06-28 | 2021-07-02 |
| CVE-2018-10239 json | A privilege escalation vulnerability in the "support access" feature on Infoblox NIOS 6.8 through 8.4.1 could allow a locally... | 6.7 - MEDIUM | 2019-06-17 | 2019-06-20 |
| CVE-2018-6643 json | Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/docs/index.php query parameter. | 6.1 - MEDIUM | 2018-08-28 | 2018-11-05 |
| CVE-2016-6484 json | CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary H... | 6.1 - MEDIUM | 2017-01-23 | 2018-10-09 |
| CVE-2015-2033 json | Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-23483 allows remote attackers to execute arbitrary command... | 10 - HIGH | 2015-02-20 | 2016-11-30 |
| CVE-2014-3419 json | Infoblox NetMRI before 6.8.5 has a default password of admin for the "root" MySQL database account, which makes it easier for... | 7.2 - HIGH | 2014-07-15 | 2018-10-09 |
| CVE-2014-3418 json | config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell me... | 10 - HIGH | 2014-07-15 | 2018-10-09 |
| CVE-2011-5178 json | Multiple cross-site scripting (XSS) vulnerabilities in netmri/config/userAdmin/login.tdf in Infoblox NetMRI 6.0.2.42, 6.1.2, ... | 4.3 - MEDIUM | 2012-09-20 | 2012-12-17 |
| CVE-2004-0606 json | Cross-site scripting (XSS) vulnerability in Infoblox DNS One running firmware 2.4.0-8 and earlier allows remote attackers to ... | Not Provided | 2004-12-06 | 2025-04-03 |
| CVE-2004-0461 json | The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf... | Not Provided | 2004-08-06 | 2025-04-03 |
| CVE-2004-0460 json | Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote atta... | Not Provided | 2004-08-06 | 2025-04-03 |
| CVE-2002-2213 json | The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allow... | Not Provided | 2002-12-31 | 2025-04-03 |
Known software with vulnerabilities from Infoblox
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Infoblox | Dns | 7.0 |
| Application | Infoblox | If-map Client Simulator | 1.0.0.0 |
| Application | Infoblox | Netmri | 6.0.2.42 |
| Operating System | Infoblox | Nios | 6.10.0 |