ThinkstockPhotos-511475207.jpg

Infoblox NIOS and BloxOne products not vulnerable to CVE-2022-22965

Apr 6, 2022Knowledge
 
Summary:
On March 31, 2022, a vulnerability was discovered in Spring MVC and Spring WebFlux applications running on JDK 9+. This vulnerability was identified under CVE-2022-22965 (Spring4Shell).
 
Overview and Impact:
CVE-2022-22965 (Spring4Shell) is the designation for this vulnerability and affects Spring MVC (spring-webmvc) and Spring WebFlux (spring-webflux) when running on JDK 9 or above.

NIOS and BloxOne products are not exploitable by this vulnerability.
 
Confirmed Not Impacted
  • NIOS and Bloxone products are not vulnerable.
Under investigation:
  • NETMRI product is still under investigation and Infoblox will update this KB as information becomes available.
Workaround:
No workaround needed for Infoblox NIOS and Bloxone product.

Resolution:
No action is required for NIOS or BloxOne products identified above.

Showing results for 
Search instead for 
Did you mean: