CVE-2023-37249
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2023-37249 is a recently disclosed vulnerability affecting Infoblox NIOS versions up to 8.5.1. A component of the software fails to adequately sanitize malicious input, which allows attackers to gain shell access. Successful exploitation could lead to unauthorized system control and potentially severe data breaches.
In more detail, the flaw lies in the input handling mechanism within Infoblox NIOS: attacker-supplied data is accepted without proper validation, and if the condition is met the attacker can execute shell commands. The result could be complete system compromise, jeopardizing security and confidentiality. Infoblox strongly recommends that users upgrade to a patched version as soon as possible to mitigate this threat.
Affected Products
- Infoblox NIOS
Affected Vendors
- Infoblox