Vulnerabilites related to infoblox - netmri
CVE-2011-5178 (GCVE-0-2011-5178)
Vulnerability from cvelistv5
Published
2012-09-20 10:00
Modified
2024-09-16 17:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple cross-site scripting (XSS) vulnerabilities in netmri/config/userAdmin/login.tdf in Infoblox NetMRI 6.0.2.42, 6.1.2, 6.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) eulaAccepted or (2) mode parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/46854 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.infoblox.com/community/downloads/hotfix-v621-netmri-8831gpg | x_refsource_CONFIRM | |
| http://seclists.org/fulldisclosure/2011/Nov/158 | mailing-list, x_refsource_FULLDISC | |
| http://www.infoblox.com/community/downloads/hotfix-v602-netmri-8831gpg | x_refsource_CONFIRM | |
| http://foregroundsecurity.com/secure-coding-and-security-qa/111-infoblox-netmri-621-612-and-60242-multiple-cross-site-scripting-xss | x_refsource_MISC | |
| http://www.securitytracker.com/id?1026319 | vdb-entry, x_refsource_SECTRACK | |
| http://www.infoblox.com/community/downloads/hotfix-v612-netmri-8831gpg | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:30:46.792Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "46854",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46854"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.infoblox.com/community/downloads/hotfix-v621-netmri-8831gpg"
},
{
"name": "20111110 [FOREGROUND SECURITY 2011-004] Infoblox NetMRI 6.2.1 Multiple Cross-Site Scripting (XSS) vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2011/Nov/158"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.infoblox.com/community/downloads/hotfix-v602-netmri-8831gpg"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://foregroundsecurity.com/secure-coding-and-security-qa/111-infoblox-netmri-621-612-and-60242-multiple-cross-site-scripting-xss"
},
{
"name": "1026319",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026319"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.infoblox.com/community/downloads/hotfix-v612-netmri-8831gpg"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in netmri/config/userAdmin/login.tdf in Infoblox NetMRI 6.0.2.42, 6.1.2, 6.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) eulaAccepted or (2) mode parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-09-20T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "46854",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46854"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.infoblox.com/community/downloads/hotfix-v621-netmri-8831gpg"
},
{
"name": "20111110 [FOREGROUND SECURITY 2011-004] Infoblox NetMRI 6.2.1 Multiple Cross-Site Scripting (XSS) vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2011/Nov/158"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.infoblox.com/community/downloads/hotfix-v602-netmri-8831gpg"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://foregroundsecurity.com/secure-coding-and-security-qa/111-infoblox-netmri-621-612-and-60242-multiple-cross-site-scripting-xss"
},
{
"name": "1026319",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026319"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.infoblox.com/community/downloads/hotfix-v612-netmri-8831gpg"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-5178",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in netmri/config/userAdmin/login.tdf in Infoblox NetMRI 6.0.2.42, 6.1.2, 6.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) eulaAccepted or (2) mode parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "46854",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46854"
},
{
"name": "http://www.infoblox.com/community/downloads/hotfix-v621-netmri-8831gpg",
"refsource": "CONFIRM",
"url": "http://www.infoblox.com/community/downloads/hotfix-v621-netmri-8831gpg"
},
{
"name": "20111110 [FOREGROUND SECURITY 2011-004] Infoblox NetMRI 6.2.1 Multiple Cross-Site Scripting (XSS) vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2011/Nov/158"
},
{
"name": "http://www.infoblox.com/community/downloads/hotfix-v602-netmri-8831gpg",
"refsource": "CONFIRM",
"url": "http://www.infoblox.com/community/downloads/hotfix-v602-netmri-8831gpg"
},
{
"name": "http://foregroundsecurity.com/secure-coding-and-security-qa/111-infoblox-netmri-621-612-and-60242-multiple-cross-site-scripting-xss",
"refsource": "MISC",
"url": "http://foregroundsecurity.com/secure-coding-and-security-qa/111-infoblox-netmri-621-612-and-60242-multiple-cross-site-scripting-xss"
},
{
"name": "1026319",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026319"
},
{
"name": "http://www.infoblox.com/community/downloads/hotfix-v612-netmri-8831gpg",
"refsource": "CONFIRM",
"url": "http://www.infoblox.com/community/downloads/hotfix-v612-netmri-8831gpg"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-5178",
"datePublished": "2012-09-20T10:00:00Z",
"dateReserved": "2012-09-19T00:00:00Z",
"dateUpdated": "2024-09-16T17:37:52.344Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-32815 (GCVE-0-2025-32815)
Vulnerability from cvelistv5
Published
2025-05-22 00:00
Modified
2025-05-22 15:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in Infoblox NETMRI before 7.6.1. Authentication Bypass via a Hardcoded credential can occur.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-32815",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-22T14:47:22.100452Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T15:13:29.195Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Infoblox NETMRI before 7.6.1. Authentication Bypass via a Hardcoded credential can occur."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T14:42:11.178Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.infoblox.com/s/article/Infoblox-NetMRI-is-vulnerable-to-CVE-2025-32815"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-32815",
"datePublished": "2025-05-22T00:00:00.000Z",
"dateReserved": "2025-04-11T00:00:00.000Z",
"dateUpdated": "2025-05-22T15:13:29.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-32814 (GCVE-0-2025-32814)
Vulnerability from cvelistv5
Published
2025-05-22 00:00
Modified
2025-05-22 18:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in Infoblox NETMRI before 7.6.1. Unauthenticated SQL Injection can occur.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-32814",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-22T17:43:40.260350Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T18:29:57.430Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Infoblox NETMRI before 7.6.1. Unauthenticated SQL Injection can occur."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T14:48:16.421Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.infoblox.com/s/article/Infoblox-NetMRI-is-vulnerable-to-CVE-2025-32814"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-32814",
"datePublished": "2025-05-22T00:00:00.000Z",
"dateReserved": "2025-04-11T00:00:00.000Z",
"dateUpdated": "2025-05-22T18:29:57.430Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-52874 (GCVE-0-2024-52874)
Vulnerability from cvelistv5
Published
2025-05-22 00:00
Modified
2025-05-23 15:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Infoblox NETMRI before 7.6.1, authenticated users can perform SQL injection attacks.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-52874",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-23T15:37:37.230915Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-23T15:54:02.401Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Infoblox NETMRI before 7.6.1, authenticated users can perform SQL injection attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T17:18:23.698Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.infoblox.com/s/article/Infoblox-NetMRI-is-vulnerable-to-CVE-2024-52874"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-52874",
"datePublished": "2025-05-22T00:00:00.000Z",
"dateReserved": "2024-11-17T00:00:00.000Z",
"dateUpdated": "2025-05-23T15:54:02.401Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-2033 (GCVE-0-2015-2033)
Vulnerability from cvelistv5
Published
2015-02-20 11:00
Modified
2024-08-06 05:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-23483 allows remote attackers to execute arbitrary commands with root privileges via a crafted terminal/anyterm-module request.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/73423 | vdb-entry, x_refsource_BID | |
| http://unsecurityresearch.com/index.php?option=com_content&view=article&id=46&Itemid=53 | x_refsource_MISC | |
| https://support.infoblox.com/app/answers/detail/a_id/3666/kw/NETMRI-23483 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:02:42.873Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "73423",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/73423"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://unsecurityresearch.com/index.php?option=com_content\u0026view=article\u0026id=46\u0026Itemid=53"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.infoblox.com/app/answers/detail/a_id/3666/kw/NETMRI-23483"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-23483 allows remote attackers to execute arbitrary commands with root privileges via a crafted terminal/anyterm-module request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-28T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "73423",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/73423"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://unsecurityresearch.com/index.php?option=com_content\u0026view=article\u0026id=46\u0026Itemid=53"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.infoblox.com/app/answers/detail/a_id/3666/kw/NETMRI-23483"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2033",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-23483 allows remote attackers to execute arbitrary commands with root privileges via a crafted terminal/anyterm-module request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "73423",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73423"
},
{
"name": "http://unsecurityresearch.com/index.php?option=com_content\u0026view=article\u0026id=46\u0026Itemid=53",
"refsource": "MISC",
"url": "http://unsecurityresearch.com/index.php?option=com_content\u0026view=article\u0026id=46\u0026Itemid=53"
},
{
"name": "https://support.infoblox.com/app/answers/detail/a_id/3666/kw/NETMRI-23483",
"refsource": "MISC",
"url": "https://support.infoblox.com/app/answers/detail/a_id/3666/kw/NETMRI-23483"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-2033",
"datePublished": "2015-02-20T11:00:00",
"dateReserved": "2015-02-19T00:00:00",
"dateUpdated": "2024-08-06T05:02:42.873Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3419 (GCVE-0-2014-3419)
Vulnerability from cvelistv5
Published
2014-07-15 14:00
Modified
2024-08-06 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Infoblox NetMRI before 6.8.5 has a default password of admin for the "root" MySQL database account, which makes it easier for local users to obtain access via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/68473 | vdb-entry, x_refsource_BID | |
| http://packetstormsecurity.com/files/127410/Infoblox-6.8.4.x-Weak-MySQL-Password.html | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/532710/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securitytracker.com/id/1030542 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/94450 | vdb-entry, x_refsource_XF | |
| https://github.com/depthsecurity/NetMRI-2014-3418 | x_refsource_MISC | |
| http://blog.depthsecurity.com/2014/07/os-command-injection-in-infoblox-netmri.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:43:05.842Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "68473",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68473"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/127410/Infoblox-6.8.4.x-Weak-MySQL-Password.html"
},
{
"name": "20140709 Weak Local Database Credentials in Infoblox Network Automation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/532710/100/0/threaded"
},
{
"name": "1030542",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030542"
},
{
"name": "infoblox-cve20143419-default-account(94450)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94450"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/depthsecurity/NetMRI-2014-3418"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.depthsecurity.com/2014/07/os-command-injection-in-infoblox-netmri.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Infoblox NetMRI before 6.8.5 has a default password of admin for the \"root\" MySQL database account, which makes it easier for local users to obtain access via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "68473",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68473"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/127410/Infoblox-6.8.4.x-Weak-MySQL-Password.html"
},
{
"name": "20140709 Weak Local Database Credentials in Infoblox Network Automation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/532710/100/0/threaded"
},
{
"name": "1030542",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030542"
},
{
"name": "infoblox-cve20143419-default-account(94450)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94450"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/depthsecurity/NetMRI-2014-3418"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.depthsecurity.com/2014/07/os-command-injection-in-infoblox-netmri.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3419",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Infoblox NetMRI before 6.8.5 has a default password of admin for the \"root\" MySQL database account, which makes it easier for local users to obtain access via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "68473",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68473"
},
{
"name": "http://packetstormsecurity.com/files/127410/Infoblox-6.8.4.x-Weak-MySQL-Password.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127410/Infoblox-6.8.4.x-Weak-MySQL-Password.html"
},
{
"name": "20140709 Weak Local Database Credentials in Infoblox Network Automation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/532710/100/0/threaded"
},
{
"name": "1030542",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030542"
},
{
"name": "infoblox-cve20143419-default-account(94450)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94450"
},
{
"name": "https://github.com/depthsecurity/NetMRI-2014-3418",
"refsource": "MISC",
"url": "https://github.com/depthsecurity/NetMRI-2014-3418"
},
{
"name": "http://blog.depthsecurity.com/2014/07/os-command-injection-in-infoblox-netmri.html",
"refsource": "MISC",
"url": "http://blog.depthsecurity.com/2014/07/os-command-injection-in-infoblox-netmri.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-3419",
"datePublished": "2014-07-15T14:00:00",
"dateReserved": "2014-05-07T00:00:00",
"dateUpdated": "2024-08-06T10:43:05.842Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-32813 (GCVE-0-2025-32813)
Vulnerability from cvelistv5
Published
2025-05-22 00:00
Modified
2025-05-23 18:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in Infoblox NETMRI before 7.6.1. Remote Unauthenticated Command Injection can occur.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-32813",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-23T18:21:29.221650Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-23T18:22:10.030Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Infoblox NETMRI before 7.6.1. Remote Unauthenticated Command Injection can occur."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T14:34:55.689Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.infoblox.com/s/article/Infoblox-NetMRI-is-vulnerable-to-CVE-2025-32813"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-32813",
"datePublished": "2025-05-22T00:00:00.000Z",
"dateReserved": "2025-04-11T00:00:00.000Z",
"dateUpdated": "2025-05-23T18:22:10.030Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-6643 (GCVE-0-2018-6643)
Vulnerability from cvelistv5
Published
2018-08-28 19:00
Modified
2024-08-05 06:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/docs/index.php query parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/undefinedmode/CVE-2018-6643 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:10:11.371Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/undefinedmode/CVE-2018-6643"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/docs/index.php query parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-28T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/undefinedmode/CVE-2018-6643"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6643",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/docs/index.php query parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/undefinedmode/CVE-2018-6643",
"refsource": "MISC",
"url": "https://github.com/undefinedmode/CVE-2018-6643"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-6643",
"datePublished": "2018-08-28T19:00:00",
"dateReserved": "2018-02-05T00:00:00",
"dateUpdated": "2024-08-05T06:10:11.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3418 (GCVE-0-2014-3418)
Vulnerability from cvelistv5
Published
2014-07-15 14:00
Modified
2024-08-06 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/68471 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/532709/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://seclists.org/fulldisclosure/2014/Jul/35 | mailing-list, x_refsource_FULLDISC | |
| http://www.exploit-db.com/exploits/34030 | exploit, x_refsource_EXPLOIT-DB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/94449 | vdb-entry, x_refsource_XF | |
| https://github.com/depthsecurity/NetMRI-2014-3418 | x_refsource_MISC | |
| http://blog.depthsecurity.com/2014/07/os-command-injection-in-infoblox-netmri.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:43:05.668Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "68471",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68471"
},
{
"name": "20140709 OS Command Injection Infoblox Network Automation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/532709/100/0/threaded"
},
{
"name": "20140709 CVE-2014-3418 - OS Command Injection Infoblox Network Automation",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/35"
},
{
"name": "34030",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/34030"
},
{
"name": "infoblox-cve20143418-command-exec(94449)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94449"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/depthsecurity/NetMRI-2014-3418"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.depthsecurity.com/2014/07/os-command-injection-in-infoblox-netmri.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-06-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "68471",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68471"
},
{
"name": "20140709 OS Command Injection Infoblox Network Automation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/532709/100/0/threaded"
},
{
"name": "20140709 CVE-2014-3418 - OS Command Injection Infoblox Network Automation",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/35"
},
{
"name": "34030",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/34030"
},
{
"name": "infoblox-cve20143418-command-exec(94449)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94449"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/depthsecurity/NetMRI-2014-3418"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.depthsecurity.com/2014/07/os-command-injection-in-infoblox-netmri.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3418",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "68471",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68471"
},
{
"name": "20140709 OS Command Injection Infoblox Network Automation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/532709/100/0/threaded"
},
{
"name": "20140709 CVE-2014-3418 - OS Command Injection Infoblox Network Automation",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Jul/35"
},
{
"name": "34030",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/34030"
},
{
"name": "infoblox-cve20143418-command-exec(94449)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94449"
},
{
"name": "https://github.com/depthsecurity/NetMRI-2014-3418",
"refsource": "MISC",
"url": "https://github.com/depthsecurity/NetMRI-2014-3418"
},
{
"name": "http://blog.depthsecurity.com/2014/07/os-command-injection-in-infoblox-netmri.html",
"refsource": "MISC",
"url": "http://blog.depthsecurity.com/2014/07/os-command-injection-in-infoblox-netmri.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-3418",
"datePublished": "2014-07-15T14:00:00",
"dateReserved": "2014-05-07T00:00:00",
"dateUpdated": "2024-08-06T10:43:05.668Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-54188 (GCVE-0-2024-54188)
Vulnerability from cvelistv5
Published
2025-05-22 00:00
Modified
2025-05-23 18:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Infoblox NETMRI before 7.6.1 has a vulnerability allowing remote authenticated users to read arbitrary files with root access.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-54188",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-23T18:23:56.836964Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-23T18:26:09.512Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Infoblox NETMRI before 7.6.1 has a vulnerability allowing remote authenticated users to read arbitrary files with root access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T14:36:24.480Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.infoblox.com/s/article/Infoblox-NetMRI-is-vulnerable-to-CVE-2024-54188"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-54188",
"datePublished": "2025-05-22T00:00:00.000Z",
"dateReserved": "2024-12-01T00:00:00.000Z",
"dateUpdated": "2025-05-23T18:26:09.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6484 (GCVE-0-2016-6484)
Vulnerability from cvelistv5
Published
2017-01-23 21:00
Modified
2024-08-06 01:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the contentType parameter in a login action to config/userAdmin/login.tdf.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/138615/Infoblox-7.0.1-CRLF-Injection-HTTP-Response-Splitting.html | x_refsource_MISC | |
| http://www.securitytracker.com/id/1036736 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/archive/1/539366/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/92794 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:29:20.243Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/138615/Infoblox-7.0.1-CRLF-Injection-HTTP-Response-Splitting.html"
},
{
"name": "1036736",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036736"
},
{
"name": "20160906 [CVE-2016-6484] Infoblox Network Automation CRLF Injection/ HTTP splitting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/539366/100/0/threaded"
},
{
"name": "92794",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92794"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the contentType parameter in a login action to config/userAdmin/login.tdf."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/138615/Infoblox-7.0.1-CRLF-Injection-HTTP-Response-Splitting.html"
},
{
"name": "1036736",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036736"
},
{
"name": "20160906 [CVE-2016-6484] Infoblox Network Automation CRLF Injection/ HTTP splitting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/539366/100/0/threaded"
},
{
"name": "92794",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92794"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6484",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the contentType parameter in a login action to config/userAdmin/login.tdf."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/138615/Infoblox-7.0.1-CRLF-Injection-HTTP-Response-Splitting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/138615/Infoblox-7.0.1-CRLF-Injection-HTTP-Response-Splitting.html"
},
{
"name": "1036736",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036736"
},
{
"name": "20160906 [CVE-2016-6484] Infoblox Network Automation CRLF Injection/ HTTP splitting",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/539366/100/0/threaded"
},
{
"name": "92794",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92794"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-6484",
"datePublished": "2017-01-23T21:00:00",
"dateReserved": "2016-07-27T00:00:00",
"dateUpdated": "2024-08-06T01:29:20.243Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2018-08-28 19:29
Modified
2024-11-21 04:11
Severity ?
Summary
Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/docs/index.php query parameter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/undefinedmode/CVE-2018-6643 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/undefinedmode/CVE-2018-6643 | Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:infoblox:netmri:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "82A90C57-AEC2-444A-926A-F250B2A707D3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/docs/index.php query parameter."
},
{
"lang": "es",
"value": "Infoblox NetMRI 7.1.1 tiene Cross-Site Scripting (XSS) reflejado mediante el par\u00e1metro query en /api/docs/index.php."
}
],
"id": "CVE-2018-6643",
"lastModified": "2024-11-21T04:11:03.220",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-08-28T19:29:20.270",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/undefinedmode/CVE-2018-6643"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/undefinedmode/CVE-2018-6643"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-05-22 15:16
Modified
2025-06-03 13:52
Severity ?
Summary
Infoblox NETMRI before 7.6.1 has a vulnerability allowing remote authenticated users to read arbitrary files with root access.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:infoblox:netmri:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7386D948-8CAD-4AC9-B710-FA1B91F3C467",
"versionEndExcluding": "7.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Infoblox NETMRI before 7.6.1 has a vulnerability allowing remote authenticated users to read arbitrary files with root access."
},
{
"lang": "es",
"value": "Infoblox NETMRI anterior a 7.6.1 tiene una vulnerabilidad que permite a usuarios autenticados remotamente leer archivos arbitrarios con acceso root."
}
],
"id": "CVE-2024-54188",
"lastModified": "2025-06-03T13:52:30.580",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-05-22T15:16:03.823",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.infoblox.com/s/article/Infoblox-NetMRI-is-vulnerable-to-CVE-2024-54188"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-23 21:59
Modified
2025-04-20 01:37
Severity ?
Summary
CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the contentType parameter in a login action to config/userAdmin/login.tdf.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/138615/Infoblox-7.0.1-CRLF-Injection-HTTP-Response-Splitting.html | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/539366/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/92794 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securitytracker.com/id/1036736 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/138615/Infoblox-7.0.1-CRLF-Injection-HTTP-Response-Splitting.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/539366/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/92794 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036736 | Third Party Advisory, VDB Entry |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:infoblox:netmri:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A232D8-63FC-4C59-97B5-9D88B57C388C",
"versionEndIncluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the contentType parameter in a login action to config/userAdmin/login.tdf."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n CRLF en Infoblox Network Automation NetMRI en versiones anteriores a 7.1.1 permite a atacantes remotos inyectar encabezados HTTP arbitrarios y llevar acabo ataques de divisi\u00f3n de respuesta HTTP a trav\u00e9s del par\u00e1metro contentType en una acci\u00f3n de inicio de sesi\u00f3n para config/userAdmin/login.tdf."
}
],
"id": "CVE-2016-6484",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-23T21:59:02.003",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/138615/Infoblox-7.0.1-CRLF-Injection-HTTP-Response-Splitting.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/539366/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92794"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036736"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/138615/Infoblox-7.0.1-CRLF-Injection-HTTP-Response-Splitting.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/539366/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92794"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036736"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-93"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-02-20 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-23483 allows remote attackers to execute arbitrary commands with root privileges via a crafted terminal/anyterm-module request.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:infoblox:netmri:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB509A6-4512-4FEA-98FA-1D79CD4E00D3",
"versionEndIncluding": "6.8.2.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-23483 allows remote attackers to execute arbitrary commands with root privileges via a crafted terminal/anyterm-module request."
},
{
"lang": "es",
"value": "Anyterm Daemon en Infoblox Network Automation NetMRI anterior a NETMRI-23483 permite a atacantes remotos ejecutar comandos arbitrarios con privilegios de root a trav\u00e9s de una respuesta terminal/anyterm-module manipulada."
}
],
"id": "CVE-2015-2033",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-02-20T11:59:05.687",
"references": [
{
"source": "cve@mitre.org",
"url": "http://unsecurityresearch.com/index.php?option=com_content\u0026view=article\u0026id=46\u0026Itemid=53"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/73423"
},
{
"source": "cve@mitre.org",
"url": "https://support.infoblox.com/app/answers/detail/a_id/3666/kw/NETMRI-23483"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://unsecurityresearch.com/index.php?option=com_content\u0026view=article\u0026id=46\u0026Itemid=53"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/73423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.infoblox.com/app/answers/detail/a_id/3666/kw/NETMRI-23483"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-07-15 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:infoblox:netmri:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7C8505F-1ECA-41DC-A7A7-2357EAD6F2AE",
"versionEndIncluding": "6.8.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:infoblox:netmri:6.0.2.42:*:*:*:*:*:*:*",
"matchCriteriaId": "1BE2F6EF-EDC9-46BF-BAE9-3DF54D6D81C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:infoblox:netmri:6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CA557660-0B78-4D48-A264-B6B391FA1755",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:infoblox:netmri:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A8A7042-1A18-4F56-8449-26E0F17864B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:infoblox:netmri:6.2.1.48:*:*:*:*:*:*:*",
"matchCriteriaId": "2EE9F395-4A62-47EF-9265-99FCA07FA479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:infoblox:netmri:6.8.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF51070-50CA-423B-9FA9-146991A9BDE5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter."
},
{
"lang": "es",
"value": "config/userAdmin/login.tdf en Infoblox NetMRI anterior a 6.8.5 permite a atacantes remotos ejecutar comandos arbitrarios a trav\u00e9s de metacaracteres de shell en el par\u00e1metro skipjackUsername."
}
],
"id": "CVE-2014-3418",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-07-15T14:55:09.387",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://blog.depthsecurity.com/2014/07/os-command-injection-in-infoblox-netmri.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/35"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/34030"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/532709/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/68471"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94449"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/depthsecurity/NetMRI-2014-3418"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://blog.depthsecurity.com/2014/07/os-command-injection-in-infoblox-netmri.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/35"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/34030"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/532709/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/68471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94449"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/depthsecurity/NetMRI-2014-3418"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-05-22 15:16
Modified
2025-06-03 12:59
Severity ?
Summary
An issue was discovered in Infoblox NETMRI before 7.6.1. Unauthenticated SQL Injection can occur.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:infoblox:netmri:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7386D948-8CAD-4AC9-B710-FA1B91F3C467",
"versionEndExcluding": "7.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Infoblox NETMRI before 7.6.1. Unauthenticated SQL Injection can occur."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en Infoblox NETMRI anterior a la versi\u00f3n 7.6.1. Puede producirse una inyecci\u00f3n SQL no autenticada."
}
],
"id": "CVE-2025-32814",
"lastModified": "2025-06-03T12:59:57.153",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-05-22T15:16:04.637",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.infoblox.com/s/article/Infoblox-NetMRI-is-vulnerable-to-CVE-2025-32814"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-05-22 18:15
Modified
2025-05-30 01:18
Severity ?
Summary
In Infoblox NETMRI before 7.6.1, authenticated users can perform SQL injection attacks.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:infoblox:netmri:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7386D948-8CAD-4AC9-B710-FA1B91F3C467",
"versionEndExcluding": "7.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Infoblox NETMRI before 7.6.1, authenticated users can perform SQL injection attacks."
},
{
"lang": "es",
"value": "En Infoblox NETMRI anterior a 7.6.1, los usuarios autenticados pueden realizar ataques de inyecci\u00f3n SQL."
}
],
"id": "CVE-2024-52874",
"lastModified": "2025-05-30T01:18:52.420",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-05-22T18:15:40.543",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.infoblox.com/s/article/Infoblox-NetMRI-is-vulnerable-to-CVE-2024-52874"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-07-15 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
Infoblox NetMRI before 6.8.5 has a default password of admin for the "root" MySQL database account, which makes it easier for local users to obtain access via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:infoblox:netmri:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7C8505F-1ECA-41DC-A7A7-2357EAD6F2AE",
"versionEndIncluding": "6.8.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:infoblox:netmri:6.0.2.42:*:*:*:*:*:*:*",
"matchCriteriaId": "1BE2F6EF-EDC9-46BF-BAE9-3DF54D6D81C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:infoblox:netmri:6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CA557660-0B78-4D48-A264-B6B391FA1755",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:infoblox:netmri:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A8A7042-1A18-4F56-8449-26E0F17864B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:infoblox:netmri:6.2.1.48:*:*:*:*:*:*:*",
"matchCriteriaId": "2EE9F395-4A62-47EF-9265-99FCA07FA479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:infoblox:netmri:6.8.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF51070-50CA-423B-9FA9-146991A9BDE5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Infoblox NetMRI before 6.8.5 has a default password of admin for the \"root\" MySQL database account, which makes it easier for local users to obtain access via unspecified vectors."
},
{
"lang": "es",
"value": "Infoblox NetMRI anterior a 6.8.5 tiene una contrase\u00f1a de administraci\u00f3n por defecto para la cuenta de la base de datos MySQL \u0027root\u0027, lo que facilita a usuarios locales obtener el acceso a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-3419",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-07-15T14:55:09.683",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://blog.depthsecurity.com/2014/07/os-command-injection-in-infoblox-netmri.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/127410/Infoblox-6.8.4.x-Weak-MySQL-Password.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/532710/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/68473"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1030542"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94450"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/depthsecurity/NetMRI-2014-3418"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://blog.depthsecurity.com/2014/07/os-command-injection-in-infoblox-netmri.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/127410/Infoblox-6.8.4.x-Weak-MySQL-Password.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/532710/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/68473"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030542"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94450"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/depthsecurity/NetMRI-2014-3418"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-05-22 15:16
Modified
2025-06-03 12:59
Severity ?
Summary
An issue was discovered in Infoblox NETMRI before 7.6.1. Authentication Bypass via a Hardcoded credential can occur.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:infoblox:netmri:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7386D948-8CAD-4AC9-B710-FA1B91F3C467",
"versionEndExcluding": "7.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Infoblox NETMRI before 7.6.1. Authentication Bypass via a Hardcoded credential can occur."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en Infoblox NETMRI anterior a la versi\u00f3n 7.6.1. Es posible que se omita la autenticaci\u00f3n mediante una credencial codificada."
}
],
"id": "CVE-2025-32815",
"lastModified": "2025-06-03T12:59:26.683",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 4.2,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-05-22T15:16:04.750",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.infoblox.com/s/article/Infoblox-NetMRI-is-vulnerable-to-CVE-2025-32815"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-09-20 10:55
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in netmri/config/userAdmin/login.tdf in Infoblox NetMRI 6.0.2.42, 6.1.2, 6.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) eulaAccepted or (2) mode parameter.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:infoblox:netmri:6.0.2.42:*:*:*:*:*:*:*",
"matchCriteriaId": "1BE2F6EF-EDC9-46BF-BAE9-3DF54D6D81C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:infoblox:netmri:6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CA557660-0B78-4D48-A264-B6B391FA1755",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:infoblox:netmri:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8D32DA7-06E8-465E-8596-ED5226F0790F",
"versionEndIncluding": "6.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:infoblox:netmri:6.2.1.48:*:*:*:*:*:*:*",
"matchCriteriaId": "2EE9F395-4A62-47EF-9265-99FCA07FA479",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in netmri/config/userAdmin/login.tdf in Infoblox NetMRI 6.0.2.42, 6.1.2, 6.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) eulaAccepted or (2) mode parameter."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en netmri/config/userAdmin/login.tdf en Infoblox NetMRI v6.0.2.42, v6.1.2, v6.2.1 y anteriores permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de los par\u00e1metros (1) eulaAccepted o (2) mode.\r\n"
}
],
"id": "CVE-2011-5178",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-09-20T10:55:23.663",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://foregroundsecurity.com/secure-coding-and-security-qa/111-infoblox-netmri-621-612-and-60242-multiple-cross-site-scripting-xss"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2011/Nov/158"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46854"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.infoblox.com/community/downloads/hotfix-v602-netmri-8831gpg"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.infoblox.com/community/downloads/hotfix-v612-netmri-8831gpg"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.infoblox.com/community/downloads/hotfix-v621-netmri-8831gpg"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securitytracker.com/id?1026319"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://foregroundsecurity.com/secure-coding-and-security-qa/111-infoblox-netmri-621-612-and-60242-multiple-cross-site-scripting-xss"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2011/Nov/158"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46854"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.infoblox.com/community/downloads/hotfix-v602-netmri-8831gpg"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.infoblox.com/community/downloads/hotfix-v612-netmri-8831gpg"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.infoblox.com/community/downloads/hotfix-v621-netmri-8831gpg"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securitytracker.com/id?1026319"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-05-22 15:16
Modified
2025-06-03 13:53
Severity ?
Summary
An issue was discovered in Infoblox NETMRI before 7.6.1. Remote Unauthenticated Command Injection can occur.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:infoblox:netmri:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7386D948-8CAD-4AC9-B710-FA1B91F3C467",
"versionEndExcluding": "7.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Infoblox NETMRI before 7.6.1. Remote Unauthenticated Command Injection can occur."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en Infoblox NETMRI anterior a la versi\u00f3n 7.6.1. Puede producirse una inyecci\u00f3n remota de comandos no autenticados."
}
],
"id": "CVE-2025-32813",
"lastModified": "2025-06-03T13:53:24.730",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-05-22T15:16:04.523",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.infoblox.com/s/article/Infoblox-NetMRI-is-vulnerable-to-CVE-2025-32813"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
var-201407-0032
Vulnerability from variot
Infoblox NetMRI before 6.8.5 has a default password of admin for the "root" MySQL database account, which makes it easier for local users to obtain access via unspecified vectors. Infoblox Network Automation is a network automation product. Infoblox Network Automation has a weak password with a username/password of root/root. Multiple Infoblox Network Automation Products including NetMRI, Switch Port Manager, Automation Change Manager and Security Device Controller are prone to a local security-bypass vulnerability. Local attackers may exploit this issue to bypass certain security restrictions and perform unauthorized actions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201407-0032",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netmri",
"scope": "eq",
"trust": 1.6,
"vendor": "infoblox",
"version": "6.1.2"
},
{
"model": "netmri",
"scope": "eq",
"trust": 1.6,
"vendor": "infoblox",
"version": "6.0.2.42"
},
{
"model": "netmri",
"scope": "eq",
"trust": 1.6,
"vendor": "infoblox",
"version": "6.2.1"
},
{
"model": "netmri",
"scope": "eq",
"trust": 1.6,
"vendor": "infoblox",
"version": "6.2.1.48"
},
{
"model": "netmri",
"scope": "eq",
"trust": 1.6,
"vendor": "infoblox",
"version": "6.8.2.11"
},
{
"model": "netmri",
"scope": "lte",
"trust": 1.0,
"vendor": "infoblox",
"version": "6.8.4"
},
{
"model": "netmri",
"scope": "lt",
"trust": 0.8,
"vendor": "infoblox",
"version": "6.8.5"
},
{
"model": "inc network automation",
"scope": null,
"trust": 0.6,
"vendor": "infoblox",
"version": null
},
{
"model": "netmri",
"scope": "eq",
"trust": 0.6,
"vendor": "infoblox",
"version": "6.8.4"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04294"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003358"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-344"
},
{
"db": "NVD",
"id": "CVE-2014-3419"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:infoblox:netmri",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003358"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nate Kettlewell of Depth Security",
"sources": [
{
"db": "BID",
"id": "68473"
}
],
"trust": 0.3
},
"cve": "CVE-2014-3419",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2014-3419",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CNVD-2014-04294",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-3419",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-3419",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2014-04294",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201407-344",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04294"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003358"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-344"
},
{
"db": "NVD",
"id": "CVE-2014-3419"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Infoblox NetMRI before 6.8.5 has a default password of admin for the \"root\" MySQL database account, which makes it easier for local users to obtain access via unspecified vectors. Infoblox Network Automation is a network automation product. Infoblox Network Automation has a weak password with a username/password of root/root. Multiple Infoblox Network Automation Products including NetMRI, Switch Port Manager, Automation Change Manager and Security Device Controller are prone to a local security-bypass vulnerability. \nLocal attackers may exploit this issue to bypass certain security restrictions and perform unauthorized actions",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3419"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003358"
},
{
"db": "CNVD",
"id": "CNVD-2014-04294"
},
{
"db": "BID",
"id": "68473"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-3419",
"trust": 3.3
},
{
"db": "BID",
"id": "68473",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1030542",
"trust": 1.6
},
{
"db": "PACKETSTORM",
"id": "127410",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003358",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2014-04294",
"trust": 0.6
},
{
"db": "XF",
"id": "94450",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201407-344",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04294"
},
{
"db": "BID",
"id": "68473"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003358"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-344"
},
{
"db": "NVD",
"id": "CVE-2014-3419"
}
]
},
"id": "VAR-201407-0032",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04294"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04294"
}
]
},
"last_update_date": "2024-11-23T22:39:00.789000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Infoblox NetMRI",
"trust": 0.8,
"url": "http://www.infoblox.jp/products/network-automation/netmri"
},
{
"title": "Infoblox Network Automation product local security bypass vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/47484"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04294"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003358"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003358"
},
{
"db": "NVD",
"id": "CVE-2014-3419"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://blog.depthsecurity.com/2014/07/os-command-injection-in-infoblox-netmri.html"
},
{
"trust": 2.4,
"url": "https://github.com/depthsecurity/netmri-2014-3418"
},
{
"trust": 1.6,
"url": "http://packetstormsecurity.com/files/127410/infoblox-6.8.4.x-weak-mysql-password.html"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/68473"
},
{
"trust": 1.6,
"url": "http://www.securitytracker.com/id/1030542"
},
{
"trust": 1.4,
"url": "http://www.securityfocus.com/archive/1/archive/1/532710/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/532710/100/0/threaded"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94450"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3419"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3419"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/532710"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/94450"
},
{
"trust": 0.3,
"url": "http://www.infoblox.com/sites/infobloxcom/files/resources/infoblox-datasheet-automation-change-manager.pdf"
},
{
"trust": 0.3,
"url": "http://www.infoblox.com/landing/control-your-network/security-device-controller"
},
{
"trust": 0.3,
"url": "http://www.infoblox.com/en/products/netmri.html"
},
{
"trust": 0.3,
"url": "http://www.infoblox.com/sites/infobloxcom/files/resources/infoblox-datasheet-switch-port-manager.pdf"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2014/jul/43"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04294"
},
{
"db": "BID",
"id": "68473"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003358"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-344"
},
{
"db": "NVD",
"id": "CVE-2014-3419"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-04294"
},
{
"db": "BID",
"id": "68473"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003358"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-344"
},
{
"db": "NVD",
"id": "CVE-2014-3419"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-07-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-04294"
},
{
"date": "2014-07-09T00:00:00",
"db": "BID",
"id": "68473"
},
{
"date": "2014-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003358"
},
{
"date": "2014-07-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201407-344"
},
{
"date": "2014-07-15T14:55:09.683000",
"db": "NVD",
"id": "CVE-2014-3419"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-07-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-04294"
},
{
"date": "2014-07-09T00:00:00",
"db": "BID",
"id": "68473"
},
{
"date": "2014-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003358"
},
{
"date": "2014-07-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201407-344"
},
{
"date": "2024-11-21T02:08:03.317000",
"db": "NVD",
"id": "CVE-2014-3419"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "68473"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-344"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Infoblox NetMRI Vulnerabilities that gain access",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003358"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201407-344"
}
],
"trust": 0.6
}
}
var-201808-1009
Vulnerability from variot
Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/docs/index.php query parameter. InfobloxNetMRI is a network automation product from Infoblox, USA that provides automated network discovery, switch port management, network change automation, and continuous configuration compliance management for routers, switches, and other network devices. A remote attacker can exploit this vulnerability to inject arbitrary web scripts or HTML by sending a \342\200\230query\342\200\231 parameter to the /api/docs/index.php file
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-1009",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netmri",
"scope": "eq",
"trust": 3.0,
"vendor": "infoblox",
"version": "7.1.1"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17627"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009926"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-866"
},
{
"db": "NVD",
"id": "CVE-2018-6643"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:infoblox:netmri",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009926"
}
]
},
"cve": "CVE-2018-6643",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-6643",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-17627",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2018-6643",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-6643",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-6643",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2018-17627",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201808-866",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17627"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009926"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-866"
},
{
"db": "NVD",
"id": "CVE-2018-6643"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/docs/index.php query parameter. InfobloxNetMRI is a network automation product from Infoblox, USA that provides automated network discovery, switch port management, network change automation, and continuous configuration compliance management for routers, switches, and other network devices. A remote attacker can exploit this vulnerability to inject arbitrary web scripts or HTML by sending a \\342\\200\\230query\\342\\200\\231 parameter to the /api/docs/index.php file",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-6643"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009926"
},
{
"db": "CNVD",
"id": "CNVD-2018-17627"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-6643",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009926",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-17627",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201808-866",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17627"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009926"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-866"
},
{
"db": "NVD",
"id": "CVE-2018-6643"
}
]
},
"id": "VAR-201808-1009",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17627"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17627"
}
]
},
"last_update_date": "2024-11-23T22:34:07.983000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.infoblox.com/ "
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009926"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009926"
},
{
"db": "NVD",
"id": "CVE-2018-6643"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/undefinedmode/cve-2018-6643"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-6643"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-6643"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17627"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009926"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-866"
},
{
"db": "NVD",
"id": "CVE-2018-6643"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-17627"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009926"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-866"
},
{
"db": "NVD",
"id": "CVE-2018-6643"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-17627"
},
{
"date": "2018-11-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009926"
},
{
"date": "2018-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-866"
},
{
"date": "2018-08-28T19:29:20.270000",
"db": "NVD",
"id": "CVE-2018-6643"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-17627"
},
{
"date": "2018-11-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009926"
},
{
"date": "2018-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-866"
},
{
"date": "2024-11-21T04:11:03.220000",
"db": "NVD",
"id": "CVE-2018-6643"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-866"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Infoblox NetMRI Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17627"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-866"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-866"
}
],
"trust": 0.6
}
}
var-201407-0031
Vulnerability from variot
config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter. Infoblox NetMRI Is "root" of MySQL There is a vulnerability in which access rights can be obtained because the default password of the administrator is used for the database account.Local users may be able to gain access. Infoblox Network Automation is a network automation product. Infoblox Network Automation failed to properly handle the input submitted by the user via the skipjackUsername POST parameter, allowing remote attackers to exploit the vulnerability to inject operating system commands to the root user. Multiple Infoblox Network Automation Products including NetMRI, Switch Port Manager, Automation Change Manager and Security Device Controller are prone to an OS command-injection vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201407-0031",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netmri",
"scope": "lt",
"trust": 1.6,
"vendor": "infoblox",
"version": "6.8.5"
},
{
"model": "netmri",
"scope": "eq",
"trust": 1.6,
"vendor": "infoblox",
"version": "6.1.2"
},
{
"model": "netmri",
"scope": "eq",
"trust": 1.6,
"vendor": "infoblox",
"version": "6.0.2.42"
},
{
"model": "netmri",
"scope": "eq",
"trust": 1.6,
"vendor": "infoblox",
"version": "6.2.1"
},
{
"model": "netmri",
"scope": "eq",
"trust": 1.6,
"vendor": "infoblox",
"version": "6.2.1.48"
},
{
"model": "netmri",
"scope": "eq",
"trust": 1.6,
"vendor": "infoblox",
"version": "6.8.2.11"
},
{
"model": "netmri",
"scope": "lte",
"trust": 1.0,
"vendor": "infoblox",
"version": "6.8.4"
},
{
"model": "inc network automation",
"scope": null,
"trust": 0.6,
"vendor": "infoblox",
"version": null
},
{
"model": "netmri",
"scope": "eq",
"trust": 0.6,
"vendor": "infoblox",
"version": "6.8.4"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04293"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003358"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003357"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-343"
},
{
"db": "NVD",
"id": "CVE-2014-3418"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:infoblox:netmri",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003358"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nate Kettlewell of Depth Security.",
"sources": [
{
"db": "BID",
"id": "68471"
}
],
"trust": 0.3
},
"cve": "CVE-2014-3418",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-3418",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2014-3418",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-04293",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-3418",
"trust": 1.6,
"value": "High"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2014-3418",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2014-04293",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201407-343",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04293"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003358"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003357"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-343"
},
{
"db": "NVD",
"id": "CVE-2014-3418"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter. Infoblox NetMRI Is \"root\" of MySQL There is a vulnerability in which access rights can be obtained because the default password of the administrator is used for the database account.Local users may be able to gain access. Infoblox Network Automation is a network automation product. Infoblox Network Automation failed to properly handle the input submitted by the user via the skipjackUsername POST parameter, allowing remote attackers to exploit the vulnerability to inject operating system commands to the root user. Multiple Infoblox Network Automation Products including NetMRI, Switch Port Manager, Automation Change Manager and Security Device Controller are prone to an OS command-injection vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3418"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003358"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003357"
},
{
"db": "CNVD",
"id": "CNVD-2014-04293"
},
{
"db": "BID",
"id": "68471"
}
],
"trust": 3.15
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-3418",
"trust": 4.1
},
{
"db": "BID",
"id": "68471",
"trust": 2.5
},
{
"db": "EXPLOIT-DB",
"id": "34030",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003358",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003357",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2014-04293",
"trust": 0.6
},
{
"db": "XF",
"id": "94449",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201407-343",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04293"
},
{
"db": "BID",
"id": "68471"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003358"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003357"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-343"
},
{
"db": "NVD",
"id": "CVE-2014-3418"
}
]
},
"id": "VAR-201407-0031",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04293"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04293"
}
]
},
"last_update_date": "2024-11-23T22:39:00.753000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Infoblox NetMRI",
"trust": 1.6,
"url": "http://www.infoblox.jp/products/network-automation/netmri"
},
{
"title": "Patch for Infoblox Network Automation product OS command injection vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/47486"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04293"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003358"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003357"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.8
},
{
"problemtype": "CWE-255",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003358"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003357"
},
{
"db": "NVD",
"id": "CVE-2014-3418"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "https://github.com/depthsecurity/netmri-2014-3418"
},
{
"trust": 3.2,
"url": "http://blog.depthsecurity.com/2014/07/os-command-injection-in-infoblox-netmri.html"
},
{
"trust": 1.6,
"url": "http://www.exploit-db.com/exploits/34030"
},
{
"trust": 1.6,
"url": "http://seclists.org/fulldisclosure/2014/jul/35"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/68471"
},
{
"trust": 1.4,
"url": "http://www.securityfocus.com/archive/1/archive/1/532709/100/0/threaded"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94449"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/532709/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3419"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3419"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/archive/1/archive/1/532710/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3418"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3418"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/532710"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/94449"
},
{
"trust": 0.3,
"url": "http://www.infoblox.com/en/products/netmri.html"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04293"
},
{
"db": "BID",
"id": "68471"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003358"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003357"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-343"
},
{
"db": "NVD",
"id": "CVE-2014-3418"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-04293"
},
{
"db": "BID",
"id": "68471"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003358"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003357"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-343"
},
{
"db": "NVD",
"id": "CVE-2014-3418"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-07-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-04293"
},
{
"date": "2014-07-09T00:00:00",
"db": "BID",
"id": "68471"
},
{
"date": "2014-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003358"
},
{
"date": "2014-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003357"
},
{
"date": "2014-07-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201407-343"
},
{
"date": "2014-07-15T14:55:09.387000",
"db": "NVD",
"id": "CVE-2014-3418"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-07-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-04293"
},
{
"date": "2014-07-09T00:00:00",
"db": "BID",
"id": "68471"
},
{
"date": "2014-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003358"
},
{
"date": "2014-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003357"
},
{
"date": "2014-07-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201407-343"
},
{
"date": "2024-11-21T02:08:03.163000",
"db": "NVD",
"id": "CVE-2014-3418"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201407-343"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Infoblox NetMRI Vulnerabilities that gain access",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003358"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201407-343"
}
],
"trust": 0.6
}
}