Vulnerabilites related to barracuda - email_security_gateway_600
Vulnerability from fkie_nvd
Published
2023-12-24 22:15
Modified
2024-11-21 08:45
Severity ?
Summary
Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:barracuda:email_security_gateway_300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E60161F1-A5A9-41C1-A123-7163D353F927",
"versionEndIncluding": "9.2.1.001",
"versionStartIncluding": "5.1.3.001",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:barracuda:email_security_gateway_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "824DAE15-3628-4346-947E-C33FA46AADE6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:barracuda:email_security_gateway_400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "178F9F7E-C6B7-427A-9E0A-BB98E26443D4",
"versionEndIncluding": "9.2.1.001",
"versionStartIncluding": "5.1.3.001",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:barracuda:email_security_gateway_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ACD3DD62-D690-47F9-8416-61AD78B33699",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:barracuda:email_security_gateway_600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D5514D-91F5-46D6-B936-353BA14BD862",
"versionEndIncluding": "9.2.1.001",
"versionStartIncluding": "5.1.3.001",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:barracuda:email_security_gateway_600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C507D86-2E68-44A4-A31C-EEF9A6BBEE54",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:barracuda:email_security_gateway_800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1048A03-2201-46DF-9AC9-AFB9FB26F61B",
"versionEndIncluding": "9.2.1.001",
"versionStartIncluding": "5.1.3.001",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:barracuda:email_security_gateway_800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74D999D5-6CE5-49F7-A0C5-0B44704FEE45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:barracuda:email_security_gateway_900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E070CD5-CFA8-4FD8-9291-74A0412CC3F2",
"versionEndIncluding": "9.2.1.001",
"versionStartIncluding": "5.1.3.001",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:barracuda:email_security_gateway_900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFA6EA4B-B0FF-437B-A48E-F11D0CD5EB2B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic.\n\n"
},
{
"lang": "es",
"value": "El uso de una librer\u00eda de terceros produjo una vulnerabilidad en el dispositivo Barracuda ESG de Barracuda Networks Inc. que permit\u00eda la inyecci\u00f3n de par\u00e1metros. Este problema afect\u00f3 al dispositivo Barracuda ESG, desde la versi\u00f3n 5.1.3.001 hasta la 9.2.1.001, hasta que Barracuda elimin\u00f3 la l\u00f3gica vulnerable."
}
],
"id": "CVE-2023-7102",
"lastModified": "2024-11-21T08:45:16.750",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-24T22:15:08.107",
"references": [
{
"source": "mandiant-cve@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/haile01/perl_spreadsheet_excel_rce_poc"
},
{
"source": "mandiant-cve@google.com",
"tags": [
"Product"
],
"url": "https://github.com/jmcnamara/spreadsheet-parseexcel/blob/c7298592e102a375d43150cd002feed806557c15/lib/Spreadsheet/ParseExcel/Utility.pm#L171"
},
{
"source": "mandiant-cve@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.md"
},
{
"source": "mandiant-cve@google.com",
"tags": [
"Product"
],
"url": "https://metacpan.org/dist/Spreadsheet-ParseExcel"
},
{
"source": "mandiant-cve@google.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.barracuda.com/company/legal/esg-vulnerability"
},
{
"source": "mandiant-cve@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/haile01/perl_spreadsheet_excel_rce_poc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://github.com/jmcnamara/spreadsheet-parseexcel/blob/c7298592e102a375d43150cd002feed806557c15/lib/Spreadsheet/ParseExcel/Utility.pm#L171"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://metacpan.org/dist/Spreadsheet-ParseExcel"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.barracuda.com/company/legal/esg-vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7101"
}
],
"sourceIdentifier": "mandiant-cve@google.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1104"
}
],
"source": "mandiant-cve@google.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-24 19:15
Modified
2024-11-21 07:59
Severity ?
9.4 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape archives). The vulnerability stems from incomplete input validation of a user-supplied .tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely executing a system command through Perl's qx operator with the privileges of the Email Security Gateway product. This issue was fixed as part of BNSF-36456 patch. This patch was automatically applied to all customer appliances.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve-coordination@google.com | https://status.barracuda.com/incidents/34kx82j5n4q9 | Vendor Advisory | |
| cve-coordination@google.com | https://www.barracuda.com/company/legal/esg-vulnerability | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://status.barracuda.com/incidents/34kx82j5n4q9 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.barracuda.com/company/legal/esg-vulnerability | Mitigation, Vendor Advisory |
Impacted products
{
"cisaActionDue": "2023-06-16",
"cisaExploitAdd": "2023-05-26",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Barracuda Networks ESG Appliance Improper Input Validation Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:barracuda:email_security_gateway_300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F270DBDA-EE31-4AF0-8743-D742467485CF",
"versionEndIncluding": "9.2.0.006",
"versionStartIncluding": "5.1.3.001",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:barracuda:email_security_gateway_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "824DAE15-3628-4346-947E-C33FA46AADE6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:barracuda:email_security_gateway_400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A9B9E0B-F8D4-4626-AD39-BD525D638693",
"versionEndIncluding": "9.2.0.006",
"versionStartIncluding": "5.1.3.001",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:barracuda:email_security_gateway_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ACD3DD62-D690-47F9-8416-61AD78B33699",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:barracuda:email_security_gateway_600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "83D228EA-35C8-4B6E-9D22-CF0F7C20362B",
"versionEndIncluding": "9.2.0.006",
"versionStartIncluding": "5.1.3.001",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:barracuda:email_security_gateway_600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C507D86-2E68-44A4-A31C-EEF9A6BBEE54",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:barracuda:email_security_gateway_800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8ADAC6B0-DE92-41F6-B8B1-1C830BB70C24",
"versionEndIncluding": "9.2.0.006",
"versionStartIncluding": "5.1.3.001",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:barracuda:email_security_gateway_800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74D999D5-6CE5-49F7-A0C5-0B44704FEE45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:barracuda:email_security_gateway_900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5A27A43-E632-4C8A-A9F8-49C6E091E7ED",
"versionEndIncluding": "9.2.0.006",
"versionStartIncluding": "5.1.3.001",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:barracuda:email_security_gateway_900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFA6EA4B-B0FF-437B-A48E-F11D0CD5EB2B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape archives).\u00a0The vulnerability stems from incomplete input validation of a user-supplied .tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely executing a system command through Perl\u0027s qx operator with the privileges of the Email Security Gateway product.\u00a0This issue was fixed as part of BNSF-36456 patch. This patch was automatically applied to all customer appliances."
}
],
"id": "CVE-2023-2868",
"lastModified": "2024-11-21T07:59:27.373",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.5,
"source": "cve-coordination@google.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-24T19:15:09.363",
"references": [
{
"source": "cve-coordination@google.com",
"tags": [
"Vendor Advisory"
],
"url": "https://status.barracuda.com/incidents/34kx82j5n4q9"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.barracuda.com/company/legal/esg-vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://status.barracuda.com/incidents/34kx82j5n4q9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.barracuda.com/company/legal/esg-vulnerability"
}
],
"sourceIdentifier": "cve-coordination@google.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "cve-coordination@google.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2023-7102
Vulnerability from cvelistv5
Published
2023-12-24 21:47
Modified
2024-08-02 08:50
Severity ?
EPSS score ?
Summary
Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Barracuda Networks Inc. | Barracuda ESG Appliance |
Version: 5.1.3.001 < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:50:08.291Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.barracuda.com/company/legal/esg-vulnerability"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7101"
},
{
"tags": [
"x_transferred"
],
"url": "https://metacpan.org/dist/Spreadsheet-ParseExcel"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/haile01/perl_spreadsheet_excel_rce_poc"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/jmcnamara/spreadsheet-parseexcel/blob/c7298592e102a375d43150cd002feed806557c15/lib/Spreadsheet/ParseExcel/Utility.pm#L171"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Barracuda ESG Appliance",
"vendor": "Barracuda Networks Inc.",
"versions": [
{
"changes": [
{
"at": "Patched in all active versions by security update removing the vulnerable logic.",
"status": "affected"
}
],
"lessThanOrEqual": "9.2.1.001",
"status": "affected",
"version": "5.1.3.001",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Barracuda Networks Inc. - https://www.barracuda.com/"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Barracuda Networks Inc. - https://www.barracuda.com/"
},
{
"lang": "en",
"type": "remediation developer",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Barracuda Networks Inc. - https://www.barracuda.com/"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.\u003cp\u003eThis issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic.\u003c/p\u003e"
}
],
"value": "Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-137",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-137: Parameter Injection"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1104",
"description": "CWE-1104: Use of Unmaintained Third Party Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-26T19:23:33.832Z",
"orgId": "027e81ed-0dd4-4685-ab4d-884aec5bb484",
"shortName": "Mandiant"
},
"references": [
{
"url": "https://www.barracuda.com/company/legal/esg-vulnerability"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7101"
},
{
"url": "https://metacpan.org/dist/Spreadsheet-ParseExcel"
},
{
"url": "https://github.com/haile01/perl_spreadsheet_excel_rce_poc"
},
{
"url": "https://github.com/jmcnamara/spreadsheet-parseexcel/blob/c7298592e102a375d43150cd002feed806557c15/lib/Spreadsheet/ParseExcel/Utility.pm#L171"
},
{
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.md"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Remote Code Execution (RCE) Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "027e81ed-0dd4-4685-ab4d-884aec5bb484",
"assignerShortName": "Mandiant",
"cveId": "CVE-2023-7102",
"datePublished": "2023-12-24T21:47:20.453Z",
"dateReserved": "2023-12-24T17:32:25.423Z",
"dateUpdated": "2024-08-02T08:50:08.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-2868
Vulnerability from cvelistv5
Published
2023-05-24 18:00
Modified
2025-02-04 18:34
Severity ?
EPSS score ?
Summary
A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape archives). The vulnerability stems from incomplete input validation of a user-supplied .tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely executing a system command through Perl's qx operator with the privileges of the Email Security Gateway product. This issue was fixed as part of BNSF-36456 patch. This patch was automatically applied to all customer appliances.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Barracuda | Barracuda Email Security Gateway |
Version: 5.1.3.001 < 9.2.0.006 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:33:06.053Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.barracuda.com/company/legal/esg-vulnerability"
},
{
"tags": [
"x_transferred"
],
"url": "https://status.barracuda.com/incidents/34kx82j5n4q9"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2868",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T15:36:08.898946Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-05-26",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-2868"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T18:34:26.472Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Barracuda Email Security Gateway",
"vendor": "Barracuda",
"versions": [
{
"lessThan": "9.2.0.006",
"status": "affected",
"version": "5.1.3.001",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-05-23T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape archives).\u0026nbsp;The vulnerability stems from incomplete input validation of a user-supplied .tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely executing a system command through Perl\u0027s qx operator with the privileges of the Email Security Gateway product.\u0026nbsp;This issue was fixed as part of BNSF-36456 patch. This patch was automatically applied to all customer appliances."
}
],
"value": "A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape archives).\u00a0The vulnerability stems from incomplete input validation of a user-supplied .tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely executing a system command through Perl\u0027s qx operator with the privileges of the Email Security Gateway product.\u00a0This issue was fixed as part of BNSF-36456 patch. This patch was automatically applied to all customer appliances."
}
],
"impacts": [
{
"capecId": "CAPEC-253",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-253 Remote Code Inclusion"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-24T18:00:52.360Z",
"orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"shortName": "Google"
},
"references": [
{
"url": "https://www.barracuda.com/company/legal/esg-vulnerability"
},
{
"url": "https://status.barracuda.com/incidents/34kx82j5n4q9"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Remote Code injection in Barracuda Email Security Gateway",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"assignerShortName": "Google",
"cveId": "CVE-2023-2868",
"datePublished": "2023-05-24T18:00:52.360Z",
"dateReserved": "2023-05-24T14:24:16.482Z",
"dateUpdated": "2025-02-04T18:34:26.472Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}