Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormNate KettlewellPACKETSTORM:127410
HistoryJul 09, 2014 - 12:00 a.m.

Infoblox 6.8.4.x Weak MySQL Password

2014-07-0900:00:00
Nate Kettlewell
packetstormsecurity.com
50

0.0004 Low

EPSS

Percentile

5.1%

JSON
`Product: Network Automation  
• NetMRI  
• Switch Port Manager  
• Automation Change Manager  
• Security Device Controller  
  
Vendor: InfoBlox  
Vulnerable Version(s): 6.4.X.X-6.8.4.X  
Tested Version: 6.8.2.11  
  
Vendor Notification: May 12th, 2014   
Public Disclosure: July 9th, 2014   
  
Vulnerability Type: OS Command Injection [CWE-521]  
CVE Reference: CVE-2014-3419  
Risk Level: High   
CVSSv2 Base Score: 5.2 (AV:L/AC:L/Au:S/C:C/I:P/A:N)  
Solution Status: Solution Available  
  
Discovered and Provided: Nate Kettlewell, Depth Security ( https://www.depthsecurity.com/ )  
  
------------------------------------------------------------------------  
-----------------------  
  
Advisory Details:  
  
Depth Security discovered a vulnerability in the InfoBlox Network Automation Products. This attack requires OS level access which must be obtained via another method.  
  
1) Weak password on local MySQL database: CVE-2014-3419  
  
The vulnerability exists due to a weak password used for local MySQL access  
  
An authenticated user with shell access to the operating system can access the contents of any database in the local MySQL instance using the local MySQL client (“mysql –u root –p”) with the following credentials:  
  
Username: root  
Password: root  
  
Sensitive information such as SNMP community names and network device credentials are encrypted inside of the database.  
------------------------------------------------------------------------  
-----------------------  
  
Solution:  
  
The vendor has released a hotfix to remediate this vulnerability on existing installations. The flaw was corrected in the 6.8.5 release.  
  
------------------------------------------------------------------------  
-----------------------  
  
References:  
  
[1] Depth Security Advisory - http://blog.depthsecurity.com/2014/07/os-command-injection-in-infoblox-netmri.html - OS Command Injection in NetMRI.  
[2] NetMRI - http://www.infoblox.com/products/network-automation/netmri - NetMRI is an Enterprise Network Management Appliance.  
[3] Common Weakness Enumeration (CWE) - http://cwe.mitre.org/ - targeted to developers and security practitioners, CWE is a formal list of software weakness types.  
------------------------------------------------------------------------  
-----------------------  
`

Related

prion 1
cvelist 1
cve 1
nvd 1
securityvulns 2
zdt 1
openvas 2
prion
prion
Default credentials
2014-07-15 14:55:00
cvelist
cvelist
CVE-2014-3419
2014-07-15 14:00:00
cve
cve
CVE-2014-3419
2014-07-15 14:55:09
nvd
nvd
CVE-2014-3419
2014-07-15 14:55:09
securityvulns
securityvulns
Weak Local Database Credentials in Infoblox Network Automation
2014-10-16 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2014-10-17 00:00:00
zdt
zdt
Infoblox 6.8.2.11 - OS Command Injection / Weak MySQL Password Vulnerability
2014-07-10 00:00:00
openvas
openvas
Infoblox NetMRI OS Command Injection Vulnerability
2014-07-15 00:00:00
MySQL / MariaDB Default Credentials (MySQL Protocol)
2012-08-23 00:00:00

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for PACKETSTORM:127410
prion1cvelist1cve1nvd1securityvulns2zdt1openvas2