Vulnerabilities > Infoblox > Nios

DATE CVE VULNERABILITY TITLE RISK
2024-01-09 CVE-2022-28975 Cross-site Scripting vulnerability in Infoblox Nios 8.5.2409296
A stored cross-site scripting (XSS) vulnerability in Infoblox NIOS v8.5.2-409296 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the VLAN View Name field.
network
low complexity
infoblox CWE-79
5.4
2023-08-25 CVE-2023-37249 Unspecified vulnerability in Infoblox Nios
Infoblox NIOS through 8.5.1 has a faulty component that accepts malicious input without sanitization, resulting in shell access.
network
low complexity
infoblox
8.8
2021-06-28 CVE-2020-15303 XML Entity Expansion vulnerability in Infoblox Nios
Infoblox NIOS before 8.5.2 allows entity expansion during an XML upload operation, a related issue to CVE-2003-1564.
network
low complexity
infoblox CWE-776
4.0
2019-06-17 CVE-2018-10239 Permissions, Privileges, and Access Controls vulnerability in Infoblox Nios
A privilege escalation vulnerability in the "support access" feature on Infoblox NIOS 6.8 through 8.4.1 could allow a locally authenticated administrator to temporarily gain additional privileges on an affected device and perform actions within the super user scope.
local
low complexity
infoblox CWE-264
7.2