← Back

CVE-2015-0962

nvd nist
Published: May 25, 2015Modified: May 6, 2026

JSON object

Loading...
4.3
Vector
AV:N/AC:M/Au:N/C:P/I:N/A:N
Exploitability: 8.6 / Impact: 2.9
Source: NVD

Description

Barracuda Web Filter 7.x and 8.x before 8.1.0.005, when SSL Inspection is enabled, uses the same root Certification Authority certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship.

Affected (6)

Barracuda
1 product
Web Filter
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Barracuda
Web Filter
Version 7.0.1
Web Filter
Version 7.0
Web Filter
Version 7.1.0
Web Filter
Version 8.0.002
Web Filter
Version 8.0.003
Web Filter
Version 8.0

Related CWEs

CWE-18
CWE-18

References (8)

Source: cret@cert.org
Third Party AdvisoryUS Government Resource
Source: cret@cert.org
Vendor Advisory
Source: cret@cert.org
Vendor Advisory
Source: cret@cert.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.