CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Barracuda: >> Web Filter >> 7.0.1 Security Vulnerabilities

CVE-2015-0962

Barracuda Web Filter 7.x and 8.x before 8.1.0.005, when SSL Inspection is enabled, uses the same root Certification Authority certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship.

CVSS Score

4.3

EPSS Score

0.007

Published

2015-05-25

CVE-2015-0961

Barracuda Web Filter before 8.1.0.005, when SSL Inspection is enabled, does not verify X.509 certificates from upstream SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVSS Score

4.3

EPSS Score

0.002

Published

2015-05-25

Page 1

Vulnerabilities

Vulnerable Software

Barracuda: >> Web Filter >> 7.0.1 Security Vulnerabilities

Products

Pricing

Contact Us