Trending KB Articles

Home

NIOS is vulnerable to CVE-2023-37249
August 2, 2023 • Knowledge Overview and Impact: Currently supported Infoblox NIOS versions through 8.5.2 have a faulty component that accepts malicious input without sanitization, resulting in shell access. The absence of proper validation on an input field allowed for the exploitation of a remote code execution (RCE)…
Threat Intel Alert: Infoblox Reveals Shift in Decoy Dog Malware Tactics After Initial Discovery
Aug 1, 2023•Knowledge Threat Intel Alert: Infoblox Reveals Shift in Decoy Dog Malware Tactics After Initial Discovery On July 25, 2023 Infoblox released critical updates and a second detailed report regarding the “Decoy Dog” malware. We have determined that no Infoblox customer devices have been compromised. However, the…
CVE-2023-34362 CVE-2023-35036 Progress MOVEit Transfer
Knowledge Base Article 000008989 July 7, 2023•Knowledge MOVEit CVE Response CVE-2023-34362: Progress MOVEit Transfer (May 31, 2023) CVE-2023-35036: Progress MOVEit Transfer (June 9, 2023) CVE-2023-35708: Progress MOVEit Transfer (June 15, 2023) CVE-2023-36932: Progress MOVEit Transfer (July 5, 2023) CVE-2023-36933:…
DNS Beacons Connecting to Russian C2s
KB Article #: 000008841 Apr 18, 2023•Knowledge Infoblox Threat Intelligence Advisory Alert: Newly Identified DNS Beacons Connecting to Russian C2s Infoblox’s Threat Intelligence Group is the first to identify a set of beacons that exploit DNS to establish communications with C2 infrastructure located in Russia. The beacons…
Combination Threat Feed Best Practices
Apr 11, 2023•Knowledge KB Article #000008825 What best practices should be considered when using Combination Threat Feeds? The Best Practices for Combination Feeds document contains many details, considerations, and recommendations for deploying Combination Threat Feeds.The above document is attached to this knowledge base…
Infoblox Licensing Guidelines
KB Article 000001496 Mar 9, 2023•Knowledge Guidelines to Assign, Unassign, Download, and Install Infoblox Licenses Using the 'My Products' tab in the Support PortalInfoblox recommends using Google Chrome for best results to log in to the support portal (https://support.infoblox.com). Click on 'My Products' to open the…
Choosing the right severity for cases – General guidelines to help customers
Feb 17, 2023•Knowledge * Overview of the Severity levels. * Choosing the right severity for a case. * Responding to customer requests to increase the severity of the cases. Overview of the severity level Infoblox Support Entitlements permit four different severity levels to choose from (Severity 1-4; Severity 1 being the…
CVE-2022-32972: Infoblox BloxOne Endpoint for Windows local privilege escalation
January 19, 2023 Question/Summary: CVE-2022-32972: Infoblox BloxOne Endpoint for Windows local privilege escalation. Customer Environment: Customers who are running BloxOne Endpoint on their host devices. Overview and Impact: A vulnerability was found in the executable run by the Infoblox BloxOne Endpoint agent, enabling a…
Infoblox NIOS Product is vulnerable to CVE-2022-0778
Dec 9, 2022•Knowledge SummaryCVE-2022-0778 - With OpenSSL, it is possible to trigger an infinite loop via operations that require the public key from the certificate. For example, this loop can be triggered by crafting a certificate that has invalid explicit curve parameters or when parsing crafted private keys (as they…
Infoblox NIOS Product is vulnerable to CVE-2022-2928 and CVE-2022-2929
Oct 5, 2022•Knowledge Summary CVE-2022-2928 - Results from a failure to re-initialize a field when replying to a DHCPv4 lease query. CVE-2022-2929 - Failure to free memory allocated when processing DHCPv4 option 81 FQDN values. Overview On October 5th, 2022 ISC announced two new vulnerabilities, CVE-2022-2928 and…