It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Help Center / Reference

BNSEC-02352 XSS-P, Auth vulnerability in the Barracuda Phone System

  • Type: Knowledgebase
  • Date changed: 2 years ago

Solution #00006837


Fixed in Barracuda Phone System firmware

Severity: High


Barracuda Phone System was vulnerable to an authenticated persistent XSS attack. Successful exploitation required an attacker to authenticate with the system and then submit a payload into one of the configuration settings. Another user\administrator was required to view\modify the affected setting to trigger the attack. This vulnerability was fixed in the version listed above.

To ensure maximum protection Barracuda Networks recommends that all customers upgrade to the latest generally available firmware and enable all definition updates.


Gokmen Guresci

Link to this page:

*** Note that the Barracuda Phone System was formerly known as the Cudatel Communication Server