Cyber Posture

CVE-2024-37566

Critical

Published: 27 February 2025

Modified: 10 April 2025
KEV Added
Patch
CVSS Score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0027 (50.6th percentile)
Risk Priority: 20 (60% EPSS · 20% KEV · 20% CVSS)

Description

Infoblox NIOS through 8.6.4 has Improper Authentication for Grids.

Security Summary

CVE-2024-37566 is an improper authentication vulnerability (CWE-284) in Infoblox NIOS through version 8.6.4, specifically affecting Grid functionality. Published on 2025-02-27, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity due to its potential for complete system compromise.

Unauthenticated attackers with network access can exploit this vulnerability with low attack complexity and no user interaction required. Successful exploitation enables high-impact outcomes, including unauthorized access leading to confidentiality breaches, integrity modifications, and availability disruptions on affected NIOS Grid deployments.

Infoblox has published mitigation guidance in its support article at https://support.infoblox.com/s/article/000010392. Security practitioners should consult this advisory for patching instructions and workarounds applicable to NIOS versions through 8.6.4.

Details

CWE(s)
CWE-284

Affected Products

infoblox nios, versions 8.6.0 to 8.6.4
