Known Vulnerabilities for products from Infoblox
Listed below are 12 of the newest known vulnerabilities associated with the vendor "Infoblox".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-15303 | Infoblox NIOS before 8.5.2 allows entity expansion during an XML upload operation, a related issue to CVE-2003-1564. | 6.5 - MEDIUM | 2021-06-28 | 2021-07-02 |
| CVE-2018-10239 | A privilege escalation vulnerability in the "support access" feature on Infoblox NIOS 6.8 through 8.4.1 could allow a locally... | 6.7 - MEDIUM | 2019-06-17 | 2019-06-20 |
| CVE-2018-6643 | Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/docs/index.php query parameter. | 6.1 - MEDIUM | 2018-08-28 | 2018-11-05 |
| CVE-2016-6484 | CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary H... | 6.1 - MEDIUM | 2017-01-23 | 2018-10-09 |
| CVE-2015-2033 | Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-23483 allows remote attackers to execute arbitrary command... | 10 - HIGH | 2015-02-20 | 2016-11-30 |
| CVE-2014-3419 | Infoblox NetMRI before 6.8.5 has a default password of admin for the "root" MySQL database account, which makes it easier for... | 7.2 - HIGH | 2014-07-15 | 2018-10-09 |
| CVE-2014-3418 | config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell me... | 10 - HIGH | 2014-07-15 | 2018-10-09 |
| CVE-2011-5178 | Multiple cross-site scripting (XSS) vulnerabilities in netmri/config/userAdmin/login.tdf in Infoblox NetMRI 6.0.2.42, 6.1.2, ... | 4.3 - MEDIUM | 2012-09-20 | 2012-12-17 |
| CVE-2004-0606 | Cross-site scripting (XSS) vulnerability in Infoblox DNS One running firmware 2.4.0-8 and earlier allows remote attackers to ... | 6.8 - MEDIUM | 2004-12-06 | 2017-07-11 |
| CVE-2004-0461 | The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf... | 10 - HIGH | 2004-08-06 | 2017-07-11 |
| CVE-2004-0460 | Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote atta... | 10 - HIGH | 2004-08-06 | 2017-07-11 |
| CVE-2002-2213 | The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allow... | 5 - MEDIUM | 2002-12-31 | 2008-09-05 |
Known software with vulnerabilities from Infoblox
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Infoblox | Dns | 7.0 |
| Application | Infoblox | If-map Client Simulator | 1.0.0.0 |
| Application | Infoblox | Netmri | 6.0.2.42 |
| Operating System | Infoblox | Nios | 6.8 |