Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-6643 | 1 Infoblox | 1 Netmri | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/docs/index.php query parameter. | |||||
| CVE-2016-6484 | 1 Infoblox | 1 Netmri | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the contentType parameter in a login action to config/userAdmin/login.tdf. | |||||
| CVE-2015-2033 | 1 Infoblox | 1 Netmri | 2023-12-10 | 10.0 HIGH | N/A |
| Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-23483 allows remote attackers to execute arbitrary commands with root privileges via a crafted terminal/anyterm-module request. | |||||
| CVE-2014-3418 | 1 Infoblox | 1 Netmri | 2023-12-10 | 10.0 HIGH | N/A |
| config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter. | |||||
| CVE-2014-3419 | 1 Infoblox | 1 Netmri | 2023-12-10 | 7.2 HIGH | N/A |
| Infoblox NetMRI before 6.8.5 has a default password of admin for the "root" MySQL database account, which makes it easier for local users to obtain access via unspecified vectors. | |||||
| CVE-2011-5178 | 1 Infoblox | 1 Netmri | 2023-12-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in netmri/config/userAdmin/login.tdf in Infoblox NetMRI 6.0.2.42, 6.1.2, 6.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) eulaAccepted or (2) mode parameter. | |||||