CVE-2015-0961

Name of the Vulnerable Software and Affected Versions Barracuda Web Filter versions prior to 8.1.0.005

Description The issue allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate when SSL Inspection is enabled, due to the lack of verification of X.509 certificates from upstream SSL servers.

Recommendations For versions prior to 8.1.0.005, update to version 8.1.0.005 or later to resolve the issue. As a temporary workaround, consider disabling SSL Inspection until a patch is available. Restrict access to sensitive information to minimize the risk of exploitation.