CVE-2023-2868

CRITICAL | CVSS 9.8/10 | Actively Exploited | EPSS 86.96%

Last modified

CVE-2023-2868 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. It is a remote command injection flaw in the Barracuda Email Security Gateway (appliance form factor only), affecting versions 5.1.3.001 through 9.2.0.006. The bug arises from a failure to comprehensively sanitize the processing of .tar files (tape archives): the names of the files contained within a user-supplied archive are not fully validated before use. CISA has confirmed active exploitation in the wild. EPSS estimates an 86.96% chance of exploitation in the next 30 days.

Description

A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only), affecting versions 5.1.3.001 through 9.2.0.006. The vulnerability arises from a failure to comprehensively sanitize the processing of .tar files (tape archives); specifically, the names of the files contained within a user-supplied .tar archive are not completely validated. As a consequence, a remote attacker can format these file names in a particular manner so that, when the name is interpolated into a command string run through Perl's qx operator, a system command is executed with the privileges of the Email Security Gateway product. Because the archive is processed as part of mail handling, no authentication or user interaction is required (CVSS AV:N/PR:N/UI:N). This issue was fixed as part of the BNSF-36456 patch, which was automatically applied to all customer appliances.
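The root cause above is a general one: an attacker-controlled archive member name reaching a shell-interpolated command (Perl's qx, or any shell=True equivalent). The following is an added example, not code from Barracuda or from this page, showing the check a mail gateway or scanner should apply before a .tar member name is ever handed to a shell: enumerate the members without extracting, and reject any name that falls outside a strict allowlist or attempts path traversal. The allowlist, the sample archive and the function names are this example's own assumptions; the example does not reproduce the specific filename format used in the attacks.

```python
import io
import re
import tarfile

# Allowlist for member names (assumption for this example): letters, digits,
# dot, underscore, hyphen and slash. Anything else (backticks, $, ;, |, &,
# quotes, whitespace, newlines, ...) would be interpreted by a shell if the
# name were interpolated into a command string, which is the failure mode
# behind CVE-2023-2868.
SAFE_NAME = re.compile(r"^[A-Za-z0-9._/\-]+$")


def build_tar(names):
    """Constructed sample input: an in-memory .tar whose members carry the
    given names. Contents are irrelevant; only the names are under test."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        for name in names:
            data = b"x"
            info = tarfile.TarInfo(name=name)
            info.size = len(data)
            tf.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def name_problem(name):
    """Return a short reason the member name is unsafe, or None if it is fine."""
    if not SAFE_NAME.match(name):
        return "disallowed characters (possible shell metacharacters)"
    if name.startswith("/"):
        return "absolute path"
    if ".." in name.split("/"):
        return "path traversal"
    return None


def scan_tar(tar_bytes):
    """Inspect every member name of an archive without extracting anything.
    Returns {name: reason} for the members that must not reach a shell."""
    findings = {}
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:") as tf:
        for member in tf.getmembers():
            reason = name_problem(member.name)
            if reason:
                findings[member.name] = reason
    return findings


def unsafe_member_names(tar_bytes):
    """Convenience wrapper: just the offending names, in archive order."""
    return list(scan_tar(tar_bytes))


def safe_argv(tool, member_name):
    """Build the command as an argv list (the equivalent of Perl's list-form
    system()) rather than a single string for qx/sh -c, and only for names
    that passed validation. With an argv list the name is a plain argument
    and can never be parsed as shell syntax."""
    if name_problem(member_name):
        raise ValueError("refusing to pass unvalidated member name to a command")
    return [tool, "--", member_name]


if __name__ == "__main__":
    sample = build_tar(["report.pdf", "bad`id`.txt", "../etc/x", "a;b"])
    for name, why in scan_tar(sample).items():
        print(f"REJECT {name!r}: {why}")
    print(safe_argv("file", "report.pdf"))
```

The contrast to remember is qx("tool $name") versus system("tool", "--", $name) in Perl: the first hands $name to a shell, the second does not. Validation of the name is still worthwhile with the list form, because downstream code may not be as careful.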

Metrics

CVSS 3.1
9.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability
86.96%

99.7th percentile

Probability of exploitation in the next 30 days. Learn more

Exploitation Status

This vulnerability is listed in CISA's Known Exploited Vulnerabilities catalog, confirming active exploitation in the wild. Federal agencies must remediate by the due date set in the catalog entry.

Weakness Enumeration

Affected Software

Vendor      Product                               Versions
Barracuda   Email Security Gateway 300 Firmware   >= 5.1.3.001, <= 9.2.0.006
Barracuda   Email Security Gateway 400 Firmware   >= 5.1.3.001, <= 9.2.0.006
Barracuda   Email Security Gateway 600 Firmware   >= 5.1.3.001, <= 9.2.0.006
Barracuda   Email Security Gateway 800 Firmware   >= 5.1.3.001, <= 9.2.0.006
Barracuda   Email Security Gateway 900 Firmware   >= 5.1.3.001, <= 9.2.0.006

References

Timeline

Published
Last Modified
Status
Analyzed

Frequently Asked Questions

What is CVE-2023-2868?
A remote command injection vulnerability in the Barracuda Email Security Gateway (appliance form factor only), affecting versions 5.1.3.001 through 9.2.0.006. The appliance does not fully validate the names of files contained within a user-supplied .tar archive, so a remote attacker can craft those names such that a system command is executed through Perl's qx operator with the privileges of the Email Security Gateway product. The issue was fixed in the BNSF-36456 patch, which was automatically applied to all customer appliances.
How severe is CVE-2023-2868?
CVE-2023-2868 has a CVSS score of 9.8/10 (CRITICAL severity). The EPSS model estimates an 86.96% probability of exploitation in the next 30 days. This vulnerability is listed in CISA's Known Exploited Vulnerabilities catalog.
How do I fix CVE-2023-2868?
Barracuda's BNSF-36456 patch was pushed automatically to all appliances, so confirm the appliance actually received it. Because the flaw was exploited before the patch was available, also review the appliance for indicators of compromise; Barracuda's later guidance was to replace impacted appliances rather than rely on the patch alone. Check the vendor references and advisories linked above for the current guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2023-2868?

Run a free Strix scan to check your systems for this vulnerability.


Source: NVD / NIST