Lucene search

[email protected]CVE-2008-2333

HistoryMay 23, 2008 - 3:32 p.m.

CVE-2008-2333

2008-05-2315:32:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2008-2333

cross-site scripting

xss

barracuda spam firewall

bsf

security vulnerability

web script

html

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.6 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.9%

JSON

Cross-site scripting (XSS) vulnerability in ldap_test.cgi in Barracuda Spam Firewall (BSF) before 3.5.11.025 allows remote attackers to inject arbitrary web script or HTML via the email parameter.

Affected configurations

NVD

Node

barracuda_networksbarracuda_spam_firewallRange≤3.5.11.020

barracuda_networksbarracuda_spam_firewallMatch3.1.10

barracuda_networksbarracuda_spam_firewallMatch3.1.16

barracuda_networksbarracuda_spam_firewallMatch3.1.17

barracuda_networksbarracuda_spam_firewallMatch3.1.18

barracuda_networksbarracuda_spam_firewallMatch3.3.0.54

barracuda_networksbarracuda_spam_firewallMatch3.3.01.001

barracuda_networksbarracuda_spam_firewallMatch3.3.3

barracuda_networksbarracuda_spam_firewallMatch3.3.03.053

barracuda_networksbarracuda_spam_firewallMatch3.3.03.055

barracuda_networksbarracuda_spam_firewallMatch3.3.15.026

barracuda_networksbarracuda_spam_firewallMatch3.4

barracuda_networksbarracuda_spam_firewallMatch3.4.10.102

CPENameOperatorVersion
barracuda_networks:barracuda_spam_firewallbarracuda networks barracuda spam firewallle3.5.11.020
barracuda_networks:barracuda_spam_firewallbarracuda networks barracuda spam firewalleq3.1.10
barracuda_networks:barracuda_spam_firewallbarracuda networks barracuda spam firewalleq3.1.16
barracuda_networks:barracuda_spam_firewallbarracuda networks barracuda spam firewalleq3.1.17
barracuda_networks:barracuda_spam_firewallbarracuda networks barracuda spam firewalleq3.1.18
barracuda_networks:barracuda_spam_firewallbarracuda networks barracuda spam firewalleq3.3.0.54
barracuda_networks:barracuda_spam_firewallbarracuda networks barracuda spam firewalleq3.3.01.001
barracuda_networks:barracuda_spam_firewallbarracuda networks barracuda spam firewalleq3.3.3
barracuda_networks:barracuda_spam_firewallbarracuda networks barracuda spam firewalleq3.3.03.053
barracuda_networks:barracuda_spam_firewallbarracuda networks barracuda spam firewalleq3.3.03.055

CPE	Name	Operator	Version
barracuda_networks:barracuda_spam_firewall	barracuda networks barracuda spam firewall	le	3.5.11.020
barracuda_networks:barracuda_spam_firewall	barracuda networks barracuda spam firewall	eq	3.1.10
barracuda_networks:barracuda_spam_firewall	barracuda networks barracuda spam firewall	eq	3.1.16
barracuda_networks:barracuda_spam_firewall	barracuda networks barracuda spam firewall	eq	3.1.17
barracuda_networks:barracuda_spam_firewall	barracuda networks barracuda spam firewall	eq	3.1.18
barracuda_networks:barracuda_spam_firewall	barracuda networks barracuda spam firewall	eq	3.3.0.54
barracuda_networks:barracuda_spam_firewall	barracuda networks barracuda spam firewall	eq	3.3.01.001
barracuda_networks:barracuda_spam_firewall	barracuda networks barracuda spam firewall	eq	3.3.3
barracuda_networks:barracuda_spam_firewall	barracuda networks barracuda spam firewall	eq	3.3.03.053
barracuda_networks:barracuda_spam_firewall	barracuda networks barracuda spam firewall	eq	3.3.03.055