Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A privilege escalation vulnerability in the "support access" feature on Infoblox NIOS 6.8 through 8.4.1 could allow a locally authenticated administrator to temporarily gain additional privileges on an affected device and perform actions within the super user scope. The vulnerability is due to a weakness in the "support access" password generation algorithm. A locally authenticated administrative user may be able to exploit this vulnerability if the "support access" feature is enabled, they know the support access code for the current session, and they know the algorithm to generate the support access password from the support access code. "Support access" is disabled by default. When enabled, the access will be automatically disabled (and support access code will expire) after the 24 hours.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Infoblox Network Identity Operating System 权限许可和访问控制问题漏洞
Vulnerability Description
Infoblox Network Identity Operating System(NIOS)是美国Infoblox公司的一套为Infoblox核心网络服务提供支持的操作系统。该系统主要用于保证基础网络设施的不间断运行。 Infoblox NIOS 6.8版本至8.4.1版本中的‘support access’功能存在权限许可和访问控制问题漏洞。本地攻击者可利用该漏洞暂时获取额外的权限,以超级用户权限执行操作。
CVSS Information
N/A
Vulnerability Type
N/A