Lucene search

[email protected]NVD:CVE-2015-0961

HistoryMay 25, 2015 - 10:59 p.m.

CVE-2015-0961

2015-05-2522:59:02

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

48.0%

JSON

Barracuda Web Filter before 8.1.0.005, when SSL Inspection is enabled, does not verify X.509 certificates from upstream SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Affected configurations

NVD

Node

barracudaweb_filterRange≤8.0.003

References

www.kb.cert.org/vuls/id/534407

blog.barracuda.com/2015/04/28/barracuda-delivers-updated-ssl-inspection-feature/

techlib.barracuda.com/BWF/UpdateSSLCerts

www.barracuda.com/support/techalerts

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

48.0%

JSON

Related for NVD:CVE-2015-0961

cve1 cvelist1 prion1 cert1 openvas1