A customer notification was sent out Friday April 11, 2014.
Summary:
- Infoblox DDI and NetMRI products are NOT effected by the OpenSSL “Heartbleed” defect.
- Infoblox Customer Support Portal has been patched, eliminating the defect – customers are strongly encouraged to change their support passwords.
Dear Infoblox Customer,
On April 7, 2014, it was announced that certain versions of OpenSSL had a severe memory handling defect. This defect, informally known as “Heartbleed,” could be exploited by attackers to read the memory of systems using vulnerable versions of the OpenSSL open source library.
No Impact on Infoblox Products
This letter is to notify Infoblox customers using the products listed below that those products ARE NOT effected by the OpenSSL defect. No action is required by users of those products.
Infoblox products:
• All Infoblox DDI products running NIOS
• ALL Infoblox Network Automation products including NetMRI, Switch Port Manager, Automation Change Manager, Security Device Controller
For Infoblox Support Portal Users:
For customers accessing Infoblox support via the Infoblox Support Portal, the appropriate systems have been patched and updated to address the defect.
As a precaution, we strongly encourage that you change your support portal password (once you login, please find the “change password” link under “Account Settings”)
If you have additional questions or concerns, please don’t hesitate to contact Infoblox Support.
For More Detail Please See Reference Material
• Infoblox Knowledge Base (via Infoblox Support Portal)
• Department of Homeland Security National Vulnerability Database
• Common Vulnerabilities and Exposures Website (CVE) Article
Sincerely,
Infoblox Support and Engineering Teams