It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Help Center / Reference

BNSEC-01247 cross site request forgery (CSRF) vulnerability in SSL VPN

  • Type: Knowledgebase
  • Date changed: 2 years ago

Solution #00006839

Scope:

Fixed in SSL VPN 2.6.0

Severity: High

Description:

The Barracuda SSLVPN was vulnerable to cross site request forgery attacks.The attack required a logged in administrator to click a URL crafted by an attacker in order to make a change to the system. Vulnerability is fixed in the version listed above.

To ensure maximum protection Barracuda Networks recommends that all customers upgrade to the latest generally available firmware and enable all definition updates.

Credits:

Aditya Sood,Shashank

Link to this page:

https://campus.barracuda.com/solution/50160000001437AAAQ