It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Login Sign Up Contact & Support

United States – English (GMT-5)

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Managed Security Awareness Training (Managed Phishline)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Intronis Backup (ECHOplatform)

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Site Security Scanner

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Managed Security Awareness Training (Managed Phishline)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Intronis Backup (ECHOplatform)

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Site Security Scanner

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Login Sign Up Contact & Support

United States – English (GMT-5)

Back to News Feed

Several OpenSSL Vulnerabilities- (CVE-2023-0286, CVE-2022-4304, CVE-2022-4203, CVE-2023-0215, CVE-2022-4450, CVE-2023-0216, CVE-2023-0217 and CVE-2023-0401)

Posted on 2023-02-10 04:00:16 modified on 2023-03-10 04:19:46

Barracuda Networks: Following AppSec portfolio product-lines are vulnerable to the below mentioned CVE's, and the subsequent section details their identified effect.

Barracuda Web Application Firewall
Barracuda Web Application Firewall-as-a- Service
Barracuda Load Balancer ADC.

CVE Impact

CVE-2023-0286 (High) - Impacts customers using CRL's
CVE-2022-4304 (Moderate) - Affects deployment using RSA based ciphers
CVE-2023-0215 (Moderate) - Affected as per vendor advisory
CVE-2022-4450 (Moderate) - Affected as per vendor advisory
CVE-2022-4203 (Moderate) –No effect as per available data
CVE-2023-0216 (Moderate) – No effect as per available data
CVE-2023-0217 (Moderate) – No effect as per available data
CVE-2023-0401 (Moderate) – No effect as per available data

WAF, WAFaaS, and ADC Advisory

We will be rolling out fix. Meanwhile for manual application of the fix, please get in touch with Barracuda Support Team.

https://www.openssl.org/news/secadv/20230207.txt