National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:infoblox:netmri:6.8.2.11
There are 4 matching records.
Vuln ID Summary CVSS Severity
CVE-2016-6484

CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the contentType parameter in a login action to config/userAdmin/login.tdf.

Published: January 23, 2017; 04:59:02 PM -05:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2015-2033

Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-23483 allows remote attackers to execute arbitrary commands with root privileges via a crafted terminal/anyterm-module request.

Published: February 20, 2015; 06:59:05 AM -05:00
V2: 10.0 HIGH
CVE-2014-3419

Infoblox NetMRI before 6.8.5 has a default password of admin for the "root" MySQL database account, which makes it easier for local users to obtain access via unspecified vectors.

Published: July 15, 2014; 10:55:09 AM -04:00
V2: 7.2 HIGH
CVE-2014-3418

config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter.

Published: July 15, 2014; 10:55:09 AM -04:00
V2: 10.0 HIGH