It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Help Center / Reference

BNSEC-00509 clickjacking vulnerability in multiple products

  • Type: Knowledgebase
  • Date changed: 2 years ago

Solution #00006512

Scope:

Fixed in Spam Firewall 6.0.0.029
Fixed in Web Filter 7.0.0
Fixed in Barracuda ADC 5.0.1
Fixed in Link Balancer 2.5.0
Fixed in SSL VPN 2.4
Fixed in Web Application Firewall 7.8
Fixed in Barracuda Firewall 6.1.5
Fixed in CudaTel 2.6.004
Fixed in Message Archiver 3.5
Fixed in Load Balancer 4.2.2

Severity: High

Description:

Product versions listed above are vulnerable to clickjacking attacks (see http://en.wikipedia.org/wiki/Clickjacking). An attacker could use this vulnerability, in conjunction with a social engineering attack, to lure a victim to a site under the attacker's control which appears to be a legitimate Barracuda Networks device. For devices with user interfaces on a public network or with many users, this vulnerability poses a medium-high risk. For devices on private networks or with a small number of sophisticated users, this vulnerability poses a low risk.

This vulnerability can be mitigated by deploying the device behind a firewall and limiting the range of addresses that have access to the administrative interface. See your product documentation for details on configuring access to the administrative interface.

To ensure maximum protection Barracuda Networks recommends that all customers upgrade to the latest generally available firmware and enable all definition updates.

Credits:

ajaysinghnegi01,Anonymous,Computerguy Nik,Dinesh Shetty,Jamal Eddine El Hadjeui,Javid Hussain,Jayvardhan Singh,kamalmits1218,karthickumar (Ramanathapuram),Ketankumar Godhani,Kishan Sharma,Manish Bhattacharya,Maulik Shah,Narendra Bhati,Nikhil Srivastav,Parichay Rai,Philippe Arteau,Praveen Nair (Team- Kerala Cyber Squad - India),Priyal 00h4xor11,Rafael Pablos,Rafay Baloch,rahul crack123,Ravikumar Paghdal,Rishiraj Sharma,Sahil Dhar,Sahil Saif,Shilpkar Nitesh,Siddhesh Gawde,Surya Subhash,tusharkumbhare2388,vedachalaka,Vignesh,Vikram Patare,Vinesh Redkar

Link to this page:

https://campus.barracuda.com/solution/501600000013gGZAAY