Vulnerabilities (CVE)

Filtered by vendor Barracuda Subscribe
Filtered by product Load Balancer Adc
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-5648 1 Barracuda 2 Load Balancer Adc, Load Balancer Adc Firmware 2024-11-21 5.5 MEDIUM 6.5 MEDIUM
Authenticated, administrative access to a Barracuda Load Balancer ADC running unpatched firmware <= v6.4 allows one to edit the LDAP service configuration of the balancer and change the LDAP server to an attacker-controlled system, without having to re-enter LDAP credentials. These steps can be used by any authenticated administrative user to expose the LDAP credentials configured in the LDAP connector over the network.
CVE-2017-6320 1 Barracuda 1 Load Balancer Adc 2024-11-21 9.0 HIGH 8.8 HIGH
A remote command injection vulnerability exists in the Barracuda Load Balancer product line (confirmed on v5.4.0.004 (2015-11-26) and v6.0.1.006 (2016-08-19); fixed in 6.1.0.003 (2017-01-17)) in which an authenticated user can execute arbitrary shell commands and gain root privileges. The vulnerability stems from unsanitized data being processed in a system call when the delete_assessment command is issued.