Use of Unmaintained Third Party Components

CVE-2023-7102

High

9.8/10

Summary

Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-1104 - Use of Unmaintained Third Party Components

The product relies on third-party components that are not actively supported or maintained by the original developer or a trusted proxy for the original developer.

References

Advisory Timeline

Published Dec 24, 2023

Use of Unmaintained Third Party Components

CVE-2023-7102

Summary

CWE-1104 - Use of Unmaintained Third Party Components

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS