Barracuda Email Security Gateway (ESG) Vulnerability Update - 20230612002

Overview

Barracuda have added an action notice to their ESG advisory. This notice instructs customers to replace ESG appliances immediately regardless of patch versions.

What is the vulnerability?

CVE-2023-2868 - CVSS v3 Base Score: 9.8

What is vulnerable?

The vulnerability exists in the following products:

• Barracuda Email Security Gateway (appliance form factor only)

What has been observed?

An update to Barracuda's ESG Vulnerability Advisory.

Recommendation

Barracuda’s remediation recommendation at this time is full replacement of the impacted ESG.