QwikSec

Security Database

CVE

CWE

Training

CVE-2015-0962

Published: May 25, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

Barracuda Web Filter 7.x and 8.x before 8.1.0.005, when SSL Inspection is enabled, uses the same root Certification Authority certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

third-party-advisory

x_refsource_CERT-VN

https://techlib.barracuda.com/BWF/UpdateSSLCerts

x_refsource_CONFIRM

https://www.barracuda.com/support/techalerts

x_refsource_CONFIRM

https://blog.barracuda.com/2015/04/28/barracuda-delivers-updated-ssl-inspection-feature/

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.