Vulnerabilites related to barracuda - email_security_gateway_900_firmware
CVE-2023-7102 (GCVE-0-2023-7102)
Vulnerability from cvelistv5
Published
2023-12-24 21:47
Modified
2024-08-02 08:50
Severity ?
EPSS score ?
Summary
Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Barracuda Networks Inc. | Barracuda ESG Appliance |
Version: 5.1.3.001 < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:50:08.291Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.barracuda.com/company/legal/esg-vulnerability", }, { tags: [ "x_transferred", ], url: "https://www.cve.org/CVERecord?id=CVE-2023-7101", }, { tags: [ "x_transferred", ], url: "https://metacpan.org/dist/Spreadsheet-ParseExcel", }, { tags: [ "x_transferred", ], url: "https://github.com/haile01/perl_spreadsheet_excel_rce_poc", }, { tags: [ "x_transferred", ], url: "https://github.com/jmcnamara/spreadsheet-parseexcel/blob/c7298592e102a375d43150cd002feed806557c15/lib/Spreadsheet/ParseExcel/Utility.pm#L171", }, { tags: [ "x_transferred", ], url: "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.md", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Barracuda ESG Appliance", vendor: "Barracuda Networks Inc.", versions: [ { changes: [ { at: "Patched in all active versions by security update removing the vulnerable logic.", status: "affected", }, ], lessThanOrEqual: "9.2.1.001", status: "affected", version: "5.1.3.001", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Barracuda Networks Inc. - https://www.barracuda.com/", }, { lang: "en", type: "reporter", user: "00000000-0000-4000-9000-000000000000", value: "Barracuda Networks Inc. - https://www.barracuda.com/", }, { lang: "en", type: "remediation developer", user: "00000000-0000-4000-9000-000000000000", value: "Barracuda Networks Inc. - https://www.barracuda.com/", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.<p>This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic.</p>", }, ], value: "Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic.\n\n", }, ], impacts: [ { capecId: "CAPEC-137", descriptions: [ { lang: "en", value: "CAPEC-137: Parameter Injection", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-1104", description: "CWE-1104: Use of Unmaintained Third Party Components", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-26T19:23:33.832Z", orgId: "027e81ed-0dd4-4685-ab4d-884aec5bb484", shortName: "Mandiant", }, references: [ { url: "https://www.barracuda.com/company/legal/esg-vulnerability", }, { url: "https://www.cve.org/CVERecord?id=CVE-2023-7101", }, { url: "https://metacpan.org/dist/Spreadsheet-ParseExcel", }, { url: "https://github.com/haile01/perl_spreadsheet_excel_rce_poc", }, { url: "https://github.com/jmcnamara/spreadsheet-parseexcel/blob/c7298592e102a375d43150cd002feed806557c15/lib/Spreadsheet/ParseExcel/Utility.pm#L171", }, { url: "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.md", }, ], source: { discovery: "UNKNOWN", }, title: "Remote Code Execution (RCE) Vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "027e81ed-0dd4-4685-ab4d-884aec5bb484", assignerShortName: "Mandiant", cveId: "CVE-2023-7102", datePublished: "2023-12-24T21:47:20.453Z", dateReserved: "2023-12-24T17:32:25.423Z", dateUpdated: "2024-08-02T08:50:08.291Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2023-2868 (GCVE-0-2023-2868)
Vulnerability from cvelistv5
Published
2023-05-24 18:00
Modified
2025-02-04 18:34
Severity ?
EPSS score ?
Summary
A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape archives). The vulnerability stems from incomplete input validation of a user-supplied .tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely executing a system command through Perl's qx operator with the privileges of the Email Security Gateway product. This issue was fixed as part of BNSF-36456 patch. This patch was automatically applied to all customer appliances.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Barracuda | Barracuda Email Security Gateway |
Version: 5.1.3.001 < 9.2.0.006 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T06:33:06.053Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.barracuda.com/company/legal/esg-vulnerability", }, { tags: [ "x_transferred", ], url: "https://status.barracuda.com/incidents/34kx82j5n4q9", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-2868", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-16T15:36:08.898946Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2023-05-26", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-2868", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2025-02-04T18:34:26.472Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Barracuda Email Security Gateway", vendor: "Barracuda", versions: [ { lessThan: "9.2.0.006", status: "affected", version: "5.1.3.001", versionType: "custom", }, ], }, ], datePublic: "2023-05-23T10:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape archives). The vulnerability stems from incomplete input validation of a user-supplied .tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely executing a system command through Perl's qx operator with the privileges of the Email Security Gateway product. This issue was fixed as part of BNSF-36456 patch. This patch was automatically applied to all customer appliances.", }, ], value: "A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape archives). The vulnerability stems from incomplete input validation of a user-supplied .tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely executing a system command through Perl's qx operator with the privileges of the Email Security Gateway product. This issue was fixed as part of BNSF-36456 patch. This patch was automatically applied to all customer appliances.", }, ], impacts: [ { capecId: "CAPEC-253", descriptions: [ { lang: "en", value: "CAPEC-253 Remote Code Inclusion", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 9.4, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-24T18:00:52.360Z", orgId: "14ed7db2-1595-443d-9d34-6215bf890778", shortName: "Google", }, references: [ { url: "https://www.barracuda.com/company/legal/esg-vulnerability", }, { url: "https://status.barracuda.com/incidents/34kx82j5n4q9", }, ], source: { discovery: "UNKNOWN", }, title: "Remote Code injection in Barracuda Email Security Gateway", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "14ed7db2-1595-443d-9d34-6215bf890778", assignerShortName: "Google", cveId: "CVE-2023-2868", datePublished: "2023-05-24T18:00:52.360Z", dateReserved: "2023-05-24T14:24:16.482Z", dateUpdated: "2025-02-04T18:34:26.472Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2023-12-24 22:15
Modified
2024-11-21 08:45
Severity ?
Summary
Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:barracuda:email_security_gateway_300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E60161F1-A5A9-41C1-A123-7163D353F927", versionEndIncluding: "9.2.1.001", versionStartIncluding: "5.1.3.001", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:barracuda:email_security_gateway_300:-:*:*:*:*:*:*:*", matchCriteriaId: "824DAE15-3628-4346-947E-C33FA46AADE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:barracuda:email_security_gateway_400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "178F9F7E-C6B7-427A-9E0A-BB98E26443D4", versionEndIncluding: "9.2.1.001", versionStartIncluding: "5.1.3.001", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:barracuda:email_security_gateway_400:-:*:*:*:*:*:*:*", matchCriteriaId: "ACD3DD62-D690-47F9-8416-61AD78B33699", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:barracuda:email_security_gateway_600_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A5D5514D-91F5-46D6-B936-353BA14BD862", versionEndIncluding: "9.2.1.001", versionStartIncluding: "5.1.3.001", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:barracuda:email_security_gateway_600:-:*:*:*:*:*:*:*", matchCriteriaId: "6C507D86-2E68-44A4-A31C-EEF9A6BBEE54", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:barracuda:email_security_gateway_800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C1048A03-2201-46DF-9AC9-AFB9FB26F61B", versionEndIncluding: "9.2.1.001", versionStartIncluding: "5.1.3.001", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:barracuda:email_security_gateway_800:-:*:*:*:*:*:*:*", matchCriteriaId: "74D999D5-6CE5-49F7-A0C5-0B44704FEE45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:barracuda:email_security_gateway_900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5E070CD5-CFA8-4FD8-9291-74A0412CC3F2", versionEndIncluding: "9.2.1.001", versionStartIncluding: "5.1.3.001", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:barracuda:email_security_gateway_900:-:*:*:*:*:*:*:*", matchCriteriaId: "FFA6EA4B-B0FF-437B-A48E-F11D0CD5EB2B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic.\n\n", }, { lang: "es", value: "El uso de una librería de terceros produjo una vulnerabilidad en el dispositivo Barracuda ESG de Barracuda Networks Inc. que permitía la inyección de parámetros. Este problema afectó al dispositivo Barracuda ESG, desde la versión 5.1.3.001 hasta la 9.2.1.001, hasta que Barracuda eliminó la lógica vulnerable.", }, ], id: "CVE-2023-7102", lastModified: "2024-11-21T08:45:16.750", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-24T22:15:08.107", references: [ { source: "mandiant-cve@google.com", tags: [ "Third Party Advisory", ], url: "https://github.com/haile01/perl_spreadsheet_excel_rce_poc", }, { source: "mandiant-cve@google.com", tags: [ "Product", ], url: "https://github.com/jmcnamara/spreadsheet-parseexcel/blob/c7298592e102a375d43150cd002feed806557c15/lib/Spreadsheet/ParseExcel/Utility.pm#L171", }, { source: "mandiant-cve@google.com", tags: [ "Third Party Advisory", ], url: "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.md", }, { source: "mandiant-cve@google.com", tags: [ "Product", ], url: "https://metacpan.org/dist/Spreadsheet-ParseExcel", }, { source: "mandiant-cve@google.com", tags: [ "Vendor Advisory", ], url: "https://www.barracuda.com/company/legal/esg-vulnerability", }, { source: "mandiant-cve@google.com", tags: [ "Third Party Advisory", ], url: "https://www.cve.org/CVERecord?id=CVE-2023-7101", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/haile01/perl_spreadsheet_excel_rce_poc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://github.com/jmcnamara/spreadsheet-parseexcel/blob/c7298592e102a375d43150cd002feed806557c15/lib/Spreadsheet/ParseExcel/Utility.pm#L171", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://metacpan.org/dist/Spreadsheet-ParseExcel", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.barracuda.com/company/legal/esg-vulnerability", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.cve.org/CVERecord?id=CVE-2023-7101", }, ], sourceIdentifier: "mandiant-cve@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-1104", }, ], source: "mandiant-cve@google.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-05-24 19:15
Modified
2025-04-02 18:19
Severity ?
9.4 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape archives). The vulnerability stems from incomplete input validation of a user-supplied .tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely executing a system command through Perl's qx operator with the privileges of the Email Security Gateway product. This issue was fixed as part of BNSF-36456 patch. This patch was automatically applied to all customer appliances.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve-coordination@google.com | https://status.barracuda.com/incidents/34kx82j5n4q9 | Vendor Advisory | |
| cve-coordination@google.com | https://www.barracuda.com/company/legal/esg-vulnerability | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://status.barracuda.com/incidents/34kx82j5n4q9 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.barracuda.com/company/legal/esg-vulnerability | Mitigation, Vendor Advisory |
Impacted products
{ cisaActionDue: "2023-06-16", cisaExploitAdd: "2023-05-26", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "Barracuda Networks ESG Appliance Improper Input Validation Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:barracuda:email_security_gateway_300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F270DBDA-EE31-4AF0-8743-D742467485CF", versionEndIncluding: "9.2.0.006", versionStartIncluding: "5.1.3.001", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:barracuda:email_security_gateway_300:-:*:*:*:*:*:*:*", matchCriteriaId: "824DAE15-3628-4346-947E-C33FA46AADE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:barracuda:email_security_gateway_400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4A9B9E0B-F8D4-4626-AD39-BD525D638693", versionEndIncluding: "9.2.0.006", versionStartIncluding: "5.1.3.001", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:barracuda:email_security_gateway_400:-:*:*:*:*:*:*:*", matchCriteriaId: "ACD3DD62-D690-47F9-8416-61AD78B33699", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:barracuda:email_security_gateway_600_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "83D228EA-35C8-4B6E-9D22-CF0F7C20362B", versionEndIncluding: "9.2.0.006", versionStartIncluding: "5.1.3.001", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:barracuda:email_security_gateway_600:-:*:*:*:*:*:*:*", matchCriteriaId: "6C507D86-2E68-44A4-A31C-EEF9A6BBEE54", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:barracuda:email_security_gateway_800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ADAC6B0-DE92-41F6-B8B1-1C830BB70C24", versionEndIncluding: "9.2.0.006", versionStartIncluding: "5.1.3.001", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:barracuda:email_security_gateway_800:-:*:*:*:*:*:*:*", matchCriteriaId: "74D999D5-6CE5-49F7-A0C5-0B44704FEE45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:barracuda:email_security_gateway_900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C5A27A43-E632-4C8A-A9F8-49C6E091E7ED", versionEndIncluding: "9.2.0.006", versionStartIncluding: "5.1.3.001", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:barracuda:email_security_gateway_900:-:*:*:*:*:*:*:*", matchCriteriaId: "FFA6EA4B-B0FF-437B-A48E-F11D0CD5EB2B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape archives). The vulnerability stems from incomplete input validation of a user-supplied .tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely executing a system command through Perl's qx operator with the privileges of the Email Security Gateway product. This issue was fixed as part of BNSF-36456 patch. This patch was automatically applied to all customer appliances.", }, ], id: "CVE-2023-2868", lastModified: "2025-04-02T18:19:23.680", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 9.4, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.5, source: "cve-coordination@google.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-05-24T19:15:09.363", references: [ { source: "cve-coordination@google.com", tags: [ "Vendor Advisory", ], url: "https://status.barracuda.com/incidents/34kx82j5n4q9", }, { source: "cve-coordination@google.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://www.barracuda.com/company/legal/esg-vulnerability", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://status.barracuda.com/incidents/34kx82j5n4q9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://www.barracuda.com/company/legal/esg-vulnerability", }, ], sourceIdentifier: "cve-coordination@google.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "cve-coordination@google.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }