Infoblox NETMRI up to 7.6.0 information disclosure

Summaryinfo

A vulnerability was found in Infoblox NETMRI up to 7.6.0. It has been declared as problematic. This vulnerability affects unknown code. Executing a manipulation can lead to information disclosure. The identification of this vulnerability is CVE-2024-54188. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Detailsinfo

A vulnerability was found in Infoblox NETMRI up to 7.6.0. It has been declared as problematic. This vulnerability affects some unknown processing. The manipulation with an unknown input leads to a information disclosure vulnerability. The CWE definition for the vulnerability is CWE-200. The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. As an impact it is known to affect confidentiality. CVE summarizes:

Infoblox NETMRI before 7.6.1 has a vulnerability allowing remote authenticated users to read arbitrary files with root access.

The advisory is available at support.infoblox.com. This vulnerability was named CVE-2024-54188 since 12/01/2024. The exploitation appears to be easy. The attack can be initiated remotely. The technical details are unknown and an exploit is not available. This vulnerability is assigned to T1592 by the MITRE ATT&CK project.

Upgrading to version 7.6.1 eliminates this vulnerability.

The vulnerability is also documented in the vulnerability database at EUVD (EUVD-2024-54565). If you want to get best quality of vulnerability data, you may have to visit VulDB.

Productinfo

Vendor

• Infoblox

Name

• NETMRI

Version

• 7.0
• 7.1
• 7.2
• 7.3
• 7.4
• 7.5
• 7.6.0

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Discussion