CVE-2023-7102

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 24, 2023
Updated: Jan 9, 2024
CWE ID 1104

Summary

CVE-2023-7102: A parameter injection vulnerability was discovered in Barracuda Networks Inc.'s Barracuda ESG Appliance. This issue arose due to the use of a third-party library and affected versions from 5.1.3.001 to 9.2.1.001. Successful exploitation of this vulnerability could allow an attacker to inject malicious input, potentially leading to unauthorized access or system compromise. The vulnerability was mitigated by Barracuda after the removal of the susceptible logic.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share