Fortinet Discovers Infoblox NetMRI netmri_help XSS Vulnerability
Fortinet's FortiGuard Labs has discovered a cross-site scripting (XSS) vulnerability in Infoblox NetMRI.
Infoblox is a network controller company. The company provides network automation and domain name system (DNS) security through appliance-based solutions that enable and secure dynamic network and data center. It offers four product families: core network services, infrastructure security, cloud network automation and network change and configuration management.
Infoblox NetMRI provides automatic network discovery, switch port management, network change automation, and continuous security policy and configuration compliance management for multi-vendor routers, switches, and other layer-2 and layer-3 network devices. NetMRI is the only platform that supports traditional and virtual network constructs for multi-vendor network automation.
A cross-site scripting (XSS) vulnerability has been discovered in Infoblox NetMRI. The vulnerability exists due to insufficiently sanitizing user-supplied data in HTTP request sent to "netmri_help.tdf" so that remote attackers can exploit it to launch XSS attack. Successful exploitation against this vulnerability would allow injection and execution of arbitrary HTML and script code in the target user's browser in the security context of the affected Infoblox NetMRI.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Mar 09, 2015
Users should apply the solution provided by Infoblox.
This vulnerability was discovered by Honggang Ren of Fortinet's FortiGuard Labs.