Trending KB Articles

Home

Infoblox products BloxOne and NIOS are vulnerable to CVE-2022-2795
Oct 12, 2022•Knowledge Summary Processing large delegations may severely degrade resolver performance. Overview On September 21, 2022 ISC announced a new vulnerability, CVE-2022-2795. A flaw in resolver code can cause named to spend excessive amounts of time on processing large delegations. Program impacted: BIND Severity:…
Infoblox products BloxOne and NIOS are vulnerable to CVE-2022-38177 and CVE-2022-38178
Oct 12, 2022•Knowledge Summary Memory leaks exist in EdDSA and ECDSA DNSSEC verification code. Overview On September 21, 2022 ISC announced two new vulnerabilities, CVE-2022-38177 and 38178. The DNSSEC verification code for the ECDSA algorithm leaks memory when there is a signature length mismatch. Program impacted: BIND…
NetMRI 7.5.3 Released 31 Aug 2022
Introduction All existing customers have the option to upgrade their deployments to the auto-failover configuration for standalone, operations center, and collector appliances. The following sections describe new features, supported devices, guidelines for upgrading devices, resolved issues, and known issues for the…
Are NIOS or BloxOne products vulnerable to CVE-2022-2274?
Jul 14, 2022•Knowledge Are NIOS, NetMRI, or BloxOne products vulnerable to CVE-2022-2274? NIOS is not vulnerable. As of July 7th, 2022, we do not use OpenSSL 3.0.4 in any of the BloxOne products. We will continue to review BloxOne and NetMRI products and update this KB if more information becomes available.
End-Of-Life – NIOS 8.4
Feb 9, 2022•Knowledge 30 Day ALERT!! NIOS 8.4 will reach end of life as of 2nd March 2022. We recognize the needs of our customers in keeping their critical business operations up and running. We are making this announcement to alert you to plan for migration to our current supported 8.x release prior to the EOL date.…
Infoblox BLOXONE, NIOS and NETMRI products are not vulnerable to CVE-2022-1183
May 18, 2022•Knowledge Are BLOXONE, NIOS and NETMRI products vulnerable to CVE-2022-1183? Summary Infoblox products BLOXONE, NIOS and NETMRI are not vulnerable to CVE-2022-1183 . An assertion failure can be triggered if a TLS connection to a configured http TLS listener with a defined endpoint is destroyed too early.…
Infoblox products not vulnerable to uClibc and uClibc-ng issues
May 9, 2022•Knowledge Summary: Current Infoblox Products are not affected by this issue tracked by CVE-2022-30295. Overview and Impact: There is no impact to current Infoblox NIOS, NetMRI or BloxOne products. These libraries are not used by current Infoblox products. Affected Versions: No active Infoblox Products are…
Infoblox NIOS and BloxOne products not vulnerable to CVE-2022-22965
Apr 6, 2022•Knowledge Summary: On March 31, 2022, a vulnerability was discovered in Spring MVC and Spring WebFlux applications running on JDK 9+. This vulnerability was identified under CVE-2022-22965 (Spring4Shell). Overview and Impact: CVE-2022-22965 (Spring4Shell) is the designation for this vulnerability and affects…
BloxOne DDI-DNS is vulnerable to CVE-2022-0396
Mar 16, 2022•Knowledge Infoblox BloxOne DDI-DNS is vulnerable to CVE-2022-0396 Summary On March 16th’ 2022 ISC announced an issue in BIND that allows TCP connection slots to be consumed for an indefinite time frame via a specifically crafted TCP stream sent from a client. This issue is triggered in BloxOne DDI DNS-BIND…
BloxOne DDI-DNS is vulnerable to CVE-2021-25220
Mar 16, 2022•Knowledge Infoblox BloxOne DDI-DNS is vulnerable to CVE-2021-25220 Summary Using DNS forwarders can result in incorrect responses being sent to clients. Overview On March 16th, 2022, ISC announced a new vulnerability, CVE-2021-25220. When using forwarders, bogus NS records supplied by, or via, those forwarders…