CVE-2008-2333

Published May 23, 2008

Last updated 6 years ago

Overview

Description: Cross-site scripting (XSS) vulnerability in ldap_test.cgi in Barracuda Spam Firewall (BSF) before 3.5.11.025 allows remote attackers to inject arbitrary web script or HTML via the email parameter.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD01511D-F23B-4C4C-9CB6-BC8483DCAC96",
            "versionEndIncluding": "3.5.11.020"
          },
          {
            "criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.1.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1DDCA1D8-886C-405F-8BBF-50D4CC20BB3F"
          },
          {
            "criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.1.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE4584BC-B194-4848-8539-9A39D696C8C8"
          },
          {
            "criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.1.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A9DC6C5-D228-43AC-8ED1-5A7E5315E275"
          },
          {
            "criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.1.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "47F9E0B8-8BCF-4259-A415-909FD349DB2A"
          },
          {
            "criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.0.54:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "159185A2-272C-46EC-A96A-84FB80B6473E"
          },
          {
            "criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.01.001:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4499AB68-D449-4A36-A243-F13F02C0EF95"
          },
          {
            "criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5BC3E5FA-1A08-4D4C-865E-547D50E21349"
          },
          {
            "criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.03.053:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9E13260-BC29-45D9-98F3-0C2D7CF72A42"
          },
          {
            "criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.03.055:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3DB02038-4858-4D43-9FB6-492E131227CA"
          },
          {
            "criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.15.026:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FAA3E09E-6F3C-4ED9-AD6C-3F8938A629B2"
          },
          {
            "criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5A431D3-D4D1-43F0-9D2F-C3D0CB58EA36"
          },
          {
            "criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.4.10.102:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F3314EF-568B-41C1-87F9-7A20DC6D3A09"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References