PT-2025-2738 · Infoblox · Infoblox Bloxone
Published
2025-01-09
·
Updated
2025-01-10
·
CVE-2024-46505
CVSS v3.1
9.1
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Infoblox BloxOne version 2.4
Description:
A business logic flaw was discovered due to thick client vulnerabilities.
Recommendations:
For Infoblox BloxOne version 2.4, consider restricting access to the thick client until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this issue.
Fix
Incorrect Default Permissions
Using Hardcoded Credentials
Cleartext Storage of Sensitive Information
Cleartext Transmission of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Infoblox Bloxone