Critical severity9.8NVD Advisory· Published Dec 24, 2023· Updated Jun 17, 2026
CVE-2023-7102
CVE-2023-7102
Description
Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 5.1.3.001-9.2.1.001
- Barracuda Networks Inc./Barracuda ESG Appliancev5Range: 5.1.3.001
Patches
Vulnerability mechanics
References
5- github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.mdnvdThird Party Advisory
- www.barracuda.com/company/legal/esg-vulnerabilitynvdVendor Advisory
- www.cve.org/CVERecordnvdThird Party Advisory
- github.com/jmcnamara/spreadsheet-parseexcel/blob/c7298592e102a375d43150cd002feed806557c15/lib/Spreadsheet/ParseExcel/Utility.pmnvdProduct
- metacpan.org/dist/Spreadsheet-ParseExcelnvdProduct
News mentions
1- Metasploit Wrap Up 05/22/2026Rapid7 Blog · May 22, 2026