QwikSec

Security Database

CVE

CWE

Training

CVE-2015-0961

Published: May 25, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

Barracuda Web Filter before 8.1.0.005, when SSL Inspection is enabled, does not verify X.509 certificates from upstream SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

third-party-advisory

x_refsource_CERT-VN

https://techlib.barracuda.com/BWF/UpdateSSLCerts

x_refsource_CONFIRM

https://www.barracuda.com/support/techalerts

x_refsource_CONFIRM

https://blog.barracuda.com/2015/04/28/barracuda-delivers-updated-ssl-inspection-feature/

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.