/

CVE-2023-2868 Report - Details, Severity, & Advisories

CVE-2023-2868 Report - Details, Severity, & Advisories

Twingate Team

May 13, 2024

CVE-2023-2868 is a critical remote command injection vulnerability affecting the Barracuda Email Security Gateway appliance, specifically versions 5.1.3.001-9.2.0.006. This vulnerability allows a remote attacker to execute system commands with the privileges of the Email Security Gateway product due to a failure in sanitizing the processing of .tar files. The issue impacts various Barracuda Email Security Gateway appliances, including versions 300, 400, 600, 800, and 900.

How do I know if I'm affected?

If you're using a Barracuda Email Security Gateway appliance, you might be affected by the CVE-2023-2868 vulnerability. This issue specifically impacts versions 5.1.3.001-9.2.0.006 of the product. Signs that you may be affected include unauthorized access to your email gateway appliance. Users with impacted appliances were notified via the Email Security Gateway user interface. Unfortunately, there's no information available about affected Apple product versions.

What should I do if I'm affected?

If you're affected by the CVE-2023-2868 vulnerability, ensure your Barracuda Email Security Gateway appliance is updated with the latest security patches. Check for any signs of unauthorized access and contact Barracuda support if needed. Review your network logs for indicators of compromise and take additional actions based on your findings. For more information, visit the NVD page on this vulnerability.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

Yes, it is in CISA's Known Exploited Vulnerabilities Catalog. The vulnerability is named "Barracuda Networks ESG Appliance Improper Input Validation Vulnerability" and was added to the catalog on May 26, 2023. The due date for addressing this vulnerability is June 16, 2023. The required action is to apply updates according to the vendor's instructions.

Weakness enumeration

The weakness enumeration for this vulnerability is categorized as CWE-20 indicating an improper input validation and CWE-77 as command injection, allowing attackers to execute system commands. To mitigate, apply security patches and ensure proper input validation.

For more details

CVE-2023-2868 is a critical vulnerability affecting Barracuda Email Security Gateway appliances. To protect your organization, apply security patches and follow recommended actions. For a comprehensive understanding of this vulnerability, consult the NVD page and the resources listed below.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

/

CVE-2023-2868 Report - Details, Severity, & Advisories

CVE-2023-2868 Report - Details, Severity, & Advisories

Twingate Team

May 13, 2024

CVE-2023-2868 is a critical remote command injection vulnerability affecting the Barracuda Email Security Gateway appliance, specifically versions 5.1.3.001-9.2.0.006. This vulnerability allows a remote attacker to execute system commands with the privileges of the Email Security Gateway product due to a failure in sanitizing the processing of .tar files. The issue impacts various Barracuda Email Security Gateway appliances, including versions 300, 400, 600, 800, and 900.

How do I know if I'm affected?

If you're using a Barracuda Email Security Gateway appliance, you might be affected by the CVE-2023-2868 vulnerability. This issue specifically impacts versions 5.1.3.001-9.2.0.006 of the product. Signs that you may be affected include unauthorized access to your email gateway appliance. Users with impacted appliances were notified via the Email Security Gateway user interface. Unfortunately, there's no information available about affected Apple product versions.

What should I do if I'm affected?

If you're affected by the CVE-2023-2868 vulnerability, ensure your Barracuda Email Security Gateway appliance is updated with the latest security patches. Check for any signs of unauthorized access and contact Barracuda support if needed. Review your network logs for indicators of compromise and take additional actions based on your findings. For more information, visit the NVD page on this vulnerability.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

Yes, it is in CISA's Known Exploited Vulnerabilities Catalog. The vulnerability is named "Barracuda Networks ESG Appliance Improper Input Validation Vulnerability" and was added to the catalog on May 26, 2023. The due date for addressing this vulnerability is June 16, 2023. The required action is to apply updates according to the vendor's instructions.

Weakness enumeration

The weakness enumeration for this vulnerability is categorized as CWE-20 indicating an improper input validation and CWE-77 as command injection, allowing attackers to execute system commands. To mitigate, apply security patches and ensure proper input validation.

For more details

CVE-2023-2868 is a critical vulnerability affecting Barracuda Email Security Gateway appliances. To protect your organization, apply security patches and follow recommended actions. For a comprehensive understanding of this vulnerability, consult the NVD page and the resources listed below.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

CVE-2023-2868 Report - Details, Severity, & Advisories

Twingate Team

May 13, 2024

CVE-2023-2868 is a critical remote command injection vulnerability affecting the Barracuda Email Security Gateway appliance, specifically versions 5.1.3.001-9.2.0.006. This vulnerability allows a remote attacker to execute system commands with the privileges of the Email Security Gateway product due to a failure in sanitizing the processing of .tar files. The issue impacts various Barracuda Email Security Gateway appliances, including versions 300, 400, 600, 800, and 900.

How do I know if I'm affected?

If you're using a Barracuda Email Security Gateway appliance, you might be affected by the CVE-2023-2868 vulnerability. This issue specifically impacts versions 5.1.3.001-9.2.0.006 of the product. Signs that you may be affected include unauthorized access to your email gateway appliance. Users with impacted appliances were notified via the Email Security Gateway user interface. Unfortunately, there's no information available about affected Apple product versions.

What should I do if I'm affected?

If you're affected by the CVE-2023-2868 vulnerability, ensure your Barracuda Email Security Gateway appliance is updated with the latest security patches. Check for any signs of unauthorized access and contact Barracuda support if needed. Review your network logs for indicators of compromise and take additional actions based on your findings. For more information, visit the NVD page on this vulnerability.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

Yes, it is in CISA's Known Exploited Vulnerabilities Catalog. The vulnerability is named "Barracuda Networks ESG Appliance Improper Input Validation Vulnerability" and was added to the catalog on May 26, 2023. The due date for addressing this vulnerability is June 16, 2023. The required action is to apply updates according to the vendor's instructions.

Weakness enumeration

The weakness enumeration for this vulnerability is categorized as CWE-20 indicating an improper input validation and CWE-77 as command injection, allowing attackers to execute system commands. To mitigate, apply security patches and ensure proper input validation.

For more details

CVE-2023-2868 is a critical vulnerability affecting Barracuda Email Security Gateway appliances. To protect your organization, apply security patches and follow recommended actions. For a comprehensive understanding of this vulnerability, consult the NVD page and the resources listed below.