Summary
Infoblox NetMRI is prone to a OS Command Injection Vulnerability
Impact
An attacker may leverage these issues to execute arbitrary code as root
Solution
Update to Infoblox NetMRI >= 6.8.5
Affected
Infoblox NetMRI versions 6.4.X.X-6.8.4.X are vulnerable a
other versions may also be affected.
Detection
Send a special crafted HTTP POST request and check the response
References
Severity
Classification
-
CVE CVE-2014-3418, CVE-2014-3419 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities