ID

VAR-190001-0336


TITLE

Barracuda Control Center HTML Injection Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2011-5417

DESCRIPTION

The Barracuda Control Center is a control center application for Barracuda products. The Barracudas Control Center 620 has multiple persistent input validation vulnerabilities, and local non-privileged user accounts can implement/inject malicious persistent script code. When the user is authenticated, it can lead to information leakage, access to internal servers, and content. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible

Trust: 1.35

sources: CNVD: CNVD-2011-5417 // CNVD: CNVD-2011-5416 // BID: 51156

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 1.2

sources: CNVD: CNVD-2011-5417 // CNVD: CNVD-2011-5416

AFFECTED PRODUCTS

vendor:barracudamodel:networks barracuda control centerscope:eqversion:620

Trust: 1.5

sources: CNVD: CNVD-2011-5417 // CNVD: CNVD-2011-5416 // BID: 51156

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201112-411

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201112-411

PATCH

title:Barracuda Control Center HTML Injection Vulnerability Patchurl:https://www.cnvd.org.cn/patchinfo/show/6436

Trust: 0.6

title:Patch for Barracuda Control Center Cross-Site Scripting Vulnerabilityurl:https://www.cnvd.org.cn/patchinfo/show/6438

Trust: 0.6

sources: CNVD: CNVD-2011-5417 // CNVD: CNVD-2011-5416

EXTERNAL IDS

db:BIDid:51156

Trust: 2.1

db:CNVDid:CNVD-2011-5417

Trust: 0.6

db:CNVDid:CNVD-2011-5416

Trust: 0.6

db:CNNVDid:CNNVD-201112-411

Trust: 0.6

sources: CNVD: CNVD-2011-5417 // CNVD: CNVD-2011-5416 // BID: 51156 // CNNVD: CNNVD-201112-411

REFERENCES

url:http://www.securityfocus.com/bid/51156

Trust: 1.8

url:http://www.vulnerability-lab.com/get_content.php?id=32

Trust: 0.3

url:http://www.barracudanetworks.com/ns/?l=en_ca

Trust: 0.3

sources: CNVD: CNVD-2011-5417 // CNVD: CNVD-2011-5416 // BID: 51156 // CNNVD: CNNVD-201112-411

CREDITS

Vulnerability-Lab

Trust: 0.9

sources: BID: 51156 // CNNVD: CNNVD-201112-411

SOURCES

db:CNVDid:CNVD-2011-5417
db:CNVDid:CNVD-2011-5416
db:BIDid:51156
db:CNNVDid:CNNVD-201112-411

LAST UPDATE DATE

2022-05-17T01:50:42.387000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2011-5417date:2011-12-23T00:00:00
db:CNVDid:CNVD-2011-5416date:2011-12-23T00:00:00
db:BIDid:51156date:2011-12-21T00:00:00
db:CNNVDid:CNNVD-201112-411date:2011-12-23T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2011-5417date:2011-12-23T00:00:00
db:CNVDid:CNVD-2011-5416date:2011-12-23T00:00:00
db:BIDid:51156date:2011-12-21T00:00:00
db:CNNVDid:CNNVD-201112-411date:1900-01-01T00:00:00