CVE-2023-7102 is a critical severity vulnerability with a CVSS score of 9.8. No known exploits currently, and patches are available. This is classified as a zero-day vulnerability.
Please cite this page when referencing data from Strobes VI. Proper attribution helps support our vulnerability intelligence research.
Lower probability of exploitation
EPSS predicts the probability of exploitation in the next 30 days based on real-world threat data, complementing CVSS severity scores with actual risk assessment.
Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic.
| Vendor | Product |
|---|---|
| Barracuda | Email Security Gateway 800 |
| Barracuda | Email Security Gateway 400 Firmware |
| Barracuda | Email Security Gateway 900 |
| Barracuda | Email Security Gateway 800 Firmware |
| Barracuda | Email Security Gateway 400 |
| Barracuda | Email Security Gateway 600 Firmware |
| Barracuda | Email Security Gateway 300 Firmware |
| Barracuda | Email Security Gateway 600 |
| Barracuda | Email Security Gateway 900 Firmware |
| Barracuda | Email Security Gateway 300 |