Lucene search
+L

4 matches found

malwarebytes
malwarebytes
added 2023/08/29 2:30 p.m.51 views

FBI confirms Barracuda patch is not effective for exploited ESG appliances

In an FBI Flash about a Barracuda ESG vulnerability, listed as CVE-2023-2868, the FBI has stated that the patches released by Barracuda in response to this CVE were ineffective for anyone previously infected. Although both Barracude and Mandiant have already made this determination, the agency sa...

7.5CVSS7.1AI score0.86956EPSS
Exploits3
nessus
nessus
added 2023/06/23 12:0 a.m.85 views

Barracuda Email Security Gateway < 9.2.0.008 Command Injection (CVE-2023-2868)

According to its self-reported version, the Barracuda Email Security Gateway on the remote web server is 9.2.0.008. It is, therefore, affected by a command injection vulnerability in the processing of .tar files that could allow a remote, unauthenticated attacker to execute arbitrary commands wit...

9.8CVSS9.1AI score0.86956EPSS
Exploits3References6
rapid7blog
rapid7blog
added 2023/06/08 4:52 p.m.85 views

CVE-2023-2868: Total Compromise of Physical Barracuda ESG Appliances

Rapid7 incident response teams are investigating exploitation of physical Barracuda Networks Email Security Gateway ESG appliances dating back to at least November 2022. As of June 6, 2023, as part of an ongoing product incident response, Barracuda is urging ESG customers to immediately...

7.5CVSS9.2AI score0.86956EPSS
Exploits3
thn
thn
added 2023/06/08 3:41 a.m.57 views

Barracuda Urges Immediate Replacement of Hacked ESG Appliances

Enterprise security company Barracuda is now urging customers who were impacted by a recently disclosed zero-day flaw in its Email Security Gateway ESG appliances to immediately replace them. "Impacted ESG appliances must be immediately replaced regardless of patch version level," the company sai...

9.8CVSS9.9AI score0.86956EPSS
Exploits3
Rows per page
Query Builder