CVE-2023-37249

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 25, 2023
Updated: Aug 31, 2023

Summary

CVE-2023-37249 is a recently disclosed vulnerability affecting Infoblox NIOS versions up to 8.5.1. The issue stems from a faulty component in the software that fails to adequately sanitize malicious input, allowing attackers to gain shell access. Successful exploitation could lead to unauthorized system control and potentially severe data breaches. Infoblox strongly recommends that users upgrade to a patched version as soon as possible to mitigate this threat.

In more detail, the vulnerability arises from a flawed input-handling mechanism within Infoblox NIOS. This weakness lets attackers submit malicious data without proper validation and execute shell commands if the condition is met. The consequences could include complete system compromise, jeopardizing security and confidentiality. Infoblox strongly advises users to apply the available patch promptly.
