Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2023-2868
HistoryMay 24, 2023 - 7:15 p.m.

CVE-2023-2868

2023-05-2419:15:09
CWE-20
CWE-77
[email protected]
web.nvd.nist.gov
2
remote command injection
barracuda email security gateway
appliance
vulnerability
input validation
.tar file
remote attackers
system commands
perl
bnsf-36456 patch
customer appliances

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 High

AI Score

Confidence

High

0.075 Low

EPSS

Percentile

94.1%

JSON

A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape archives).Β The vulnerability stems from incomplete input validation of a user-supplied .tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely executing a system command through Perl’s qx operator with the privileges of the Email Security Gateway product.Β This issue was fixed as part of BNSF-36456 patch. This patch was automatically applied to all customer appliances.

Affected configurations

NVD
Node
barracudaemail_security_gateway_300_firmwareRange5.1.3.001–9.2.0.006
AND
barracudaemail_security_gateway_300Match-
Node
barracudaemail_security_gateway_400_firmwareRange5.1.3.001–9.2.0.006
AND
barracudaemail_security_gateway_400Match-
Node
barracudaemail_security_gateway_600_firmwareRange5.1.3.001–9.2.0.006
AND
barracudaemail_security_gateway_600Match-
Node
barracudaemail_security_gateway_800_firmwareRange5.1.3.001–9.2.0.006
AND
barracudaemail_security_gateway_800Match-
Node
barracudaemail_security_gateway_900_firmwareRange5.1.3.001–9.2.0.006
AND
barracudaemail_security_gateway_900Match-

Related

cisa_kev 1
rapid7blog 3
prion 1
githubexploit 1
nessus 1
thn 8
krebs 1
malwarebytes 3
cvelist 1
cve 1
trellix 2
securelist 1
attackerkb 1
qualysblog 2
cisa_kev
cisa_kev
Barracuda Networks ESG Appliance Improper Input Validation Vulnerability
2023-05-26 00:00:00
rapid7blog
rapid7blog
CVE-2023-2868: Total Compromise of Physical Barracuda ESG Appliances
2023-06-08 16:52:32
What’s New in InsightVM and Nexpose: Q2 2023 in Review
2023-06-29 13:00:00
Metasploit Weekly Wrap-Up
2023-06-09 22:02:27
prion
prion
Command injection
2023-05-24 19:15:00
githubexploit
githubexploit
Exploit for Command Injection in Barracuda Email Security Gateway 300 Firmware
2023-06-20 18:43:54
nessus
nessus
Barracuda Email Security Gateway < 9.2.0.008 Command Injection (CVE-2023-2868)
2023-06-23 00:00:00
thn
thn
Hackers Deploy "SUBMARINE" Backdoor in Barracuda Email Security Gateway Attacks
2023-07-29 04:59:00
Barracuda Warns of Zero-Day Exploited to Breach Email Security Gateway Appliances
2023-05-26 04:04:00
Chinese UNC4841 Group Exploits Zero-Day Flaw in Barracuda Email Security Gateway
2023-06-15 14:56:00
krebs
krebs
Barracuda Urges Replacing β€” Not Patching β€” Its Email Security Gateways
2023-06-08 20:17:06
malwarebytes
malwarebytes
Compromised Barracuda appliances equipped with persistent backdoors by attackers
2023-07-31 03:00:00
FBI confirms Barracuda patch is not effective for exploited ESG appliances
2023-08-29 14:30:00
[updated] Barracuda Networks patches zero-day vulnerability in Email Security Gateway
2023-05-30 01:00:00
cvelist
cvelist
CVE-2023-2868 Remote Code injection in Barracuda Email Security Gateway
2023-05-24 18:00:52
cve
cve
CVE-2023-2868
2023-05-24 19:15:09
trellix
trellix
The Bug Report - May 2023 Edition
2023-06-07 00:00:00
The Bug Report - May 2023 Edition
2023-06-07 00:00:00
securelist
securelist
Advanced threat predictions for 2024
2023-11-14 10:00:24
attackerkb
attackerkb
CVE-2023-2868
2023-07-05 00:00:00
qualysblog
qualysblog
Qualys Survey of Top 10 Exploited Vulnerabilities in 2023
2023-09-26 13:04:00
2023 Threat Landscape Year in Review: If Everything Is Critical, Nothing Is
2023-12-19 15:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 High

AI Score

Confidence

High

0.075 Low

EPSS

Percentile

94.1%

JSON
Related for NVD:CVE-2023-2868
cisa_kev1rapid7blog3prion1githubexploit1nessus1thn8krebs1malwarebytes3cvelist1cve1trellix2securelist1attackerkb1qualysblog2