Infoblox NIOS and BloxOne products are not vulnerable to CVE-2021-38647

Summary:

Sept. 23, 2021 • Infoblox NIOS VMs are not vulnerable to CVE-2021-38647.

Overview and Impact:

On September 14, 2021 Microsoft Corporation announced CVE-2021-38647 Security Vulnerability referring to the Open Management Infrastructure (OMI) agent tools. This tool is not able to be installed on many vendor’s virtual instances, including Infoblox NIOS VM deployments.

CVSS:3.0 9.8 / 8.5

Affected Versions:

NIOS is not vulnerable to this exploit.

Impact:

Infoblox NIOS product is not affected.

Workaround:

No workaround needed for Infoblox NIOS product.

Resolution:

No action needed for Infoblox NIOS VM instances. Additional information can be found from Microsoft at the following link: CVE-2021-38647 - Security Update Guide - Microsoft - Open Management Infrastructure Remote Code Execution Vulnerability If you have further questions, please contact your Microsoft Azure support team for assistance.