Barracuda Web Filter before 8.1.0.005, when SSL Inspection is enabled, does not verify X.509 certificates from upstream SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. <a href"https://cwe.mitre.org/data/definitions/295.html">CWE-295: Improper Certificate Validation</a>
Publication date: Tue, 26 May 2015 03:59:00 +0000