Published: 12/02/2020 Updated: 20/02/2020

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote malicious users to bypass authentication by leveraging a permanent authentication token obtained from a query string.

Vulnerable Product	Search on Vulmon	Subscribe to Product
barracuda web application firewall 7.8.1.013

source: wwwsecurityfocuscom/bid/69028/info Barracuda Web Application Firewall is prone to an authentication-bypass vulnerability An attacker can exploit this issue to bypass the authentication mechanism and gain access to the appliance This may aid in further attacks Barracuda Web Application Firewall 781013 is vulnerable; other v ...

It is possible to re-use a link which includes a non-expiring authentication token in the query string to gain access to the interface of the Barracuda Web Application Firewall (WAF) firmware version 781013 ...

CWE-613 https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2595/http://www.osvdb.org/109782 https://vulners.com/securityvulns/SECURITYVULNS:DOC:31004 http://packetstormsecurity.com/files/127740/Barracuda-WAF-Authentication-Bypass.html https://www.exploit-db.com/exploits/39278 http://seclists.org/fulldisclosure/2014/Aug/5 https://www.securityfocus.com/bid/69028 https://nvd.nist.gov https://www.exploit-db.com/exploits/39278/

CVE-2014-2595

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect