Beware of CPU Draining Attacks on F5 BIG-IP Load Balancers!

CVE: CVE-2023-22323
CVSS v3.1: 7.5 (High)
Source: CVE-2023-22323

Load balancers and application delivery controllers sit in front of most business-critical applications, so a bug that lets a stranger pin their CPU is a bug that takes the whole application down. CVE-2023-22323 is exactly that kind of issue. Note that it is an F5 BIG-IP advisory, not a Barracuda one: the affected version numbers below are BIG-IP TMOS releases, and the vulnerable feature is the BIG-IP OCSP authentication profile.

Specifically, BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1 and 14.1.x before 14.1.5.3 are affected, as are all 13.1.x releases (no fixed 13.1 build is listed). The issue is only reachable when an OCSP authentication profile is configured on a virtual server. In that configuration, specially crafted requests sent to the virtual server cause a sharp increase in CPU utilization on the appliance.

Because the appliance's CPU is shared by every virtual server it hosts, exhausting it degrades or denies service to legitimate traffic, not just on the virtual server that carries the OCSP profile. The requests need no authentication and can be sent by anyone who can reach the virtual server, which is what the 7.5 score reflects: network reachable, low complexity, no privileges or user interaction, availability impact only.

If you run an affected release, upgrade to the fixed build for your branch (17.0.0.2, 16.1.3.3, 15.1.8.1 or 14.1.5.3); 13.1.x has no fixed build, so plan a move to a supported branch. Until you can upgrade, remove the OCSP authentication profile from any virtual server that does not actually need it, since the vulnerability is only exposed where that profile is attached; where a virtual server genuinely needs OCSP authentication, restrict which networks can reach it while the upgrade is scheduled. Regularly applying vendor updates remains the most reliable way to stay ahead of newly disclosed vulnerabilities of this kind.

With a few simple steps, businesses can protect their critical network infrastructure and avoid costly downtime from CPU draining attacks on BIG-IP load balancers. Staying on top of software updates is key to maintaining strong cyber defenses.
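To turn the version list and the "only when an OCSP authentication profile is attached" condition into a repeatable check, here is an added Python triage script (example code written for this post, not part of the advisory or of any F5 tooling). It works offline on text you would capture from the device with `tmsh show sys version`, `tmsh list ltm virtual` and `tmsh list ltm auth profile`. The sample captures embedded below are constructed for the example, and the exact layout of the virtual server's `auth` stanza and of the `type ssl-ocsp` field is an assumption to compare against your own release before trusting the parser.

```python
import re
from typing import Dict, List, Optional, Set, Tuple

# Affected BIG-IP branches from the advisory, keyed by (major, minor).
# Value = first fixed build; None = no fixed build is listed (13.1.x).
AFFECTED_BRANCHES: Dict[Tuple[int, int], Optional[Tuple[int, ...]]] = {
    (17, 0): (17, 0, 0, 2),
    (16, 1): (16, 1, 3, 3),
    (15, 1): (15, 1, 8, 1),
    (14, 1): (14, 1, 5, 3),
    (13, 1): None,
}


def parse_version(text: str) -> Tuple[int, ...]:
    """'16.1.3.1' -> (16, 1, 3, 1); missing trailing fields are padded with 0."""
    parts = [int(p) for p in text.strip().split(".")]
    return tuple((parts + [0, 0, 0, 0])[:4])


def version_status(version: str) -> str:
    """'affected', 'fixed', or 'not listed' (a branch the advisory does not name)."""
    v = parse_version(version)
    branch = (v[0], v[1])
    if branch not in AFFECTED_BRANCHES:
        return "not listed"
    fixed = AFFECTED_BRANCHES[branch]
    return "affected" if fixed is None or v < fixed else "fixed"


def split_objects(tmsh_text: str) -> List[Tuple[str, str, str]]:
    """Split `tmsh list` output into (kind, name, body) triples.
    A top-level object opens with an unindented 'ltm virtual NAME {' style line
    and closes with an unindented '}'; nested braces stay inside the body."""
    objects: List[Tuple[str, str, str]] = []
    kind = name = None
    body: List[str] = []
    for line in tmsh_text.splitlines():
        if kind is None:
            if line and not line[0].isspace() and line.endswith(" {"):
                tokens = line[:-2].split()
                kind, name, body = " ".join(tokens[:-1]), tokens[-1], []
        elif line == "}":
            objects.append((kind, name, "\n".join(body)))
            kind = name = None
        else:
            body.append(line)
    return objects


def auth_profiles_attached(body: str) -> List[str]:
    """Profile names inside a virtual server's 'auth { ... }' stanza (assumed layout)."""
    m = re.search(r"^\s*auth \{\s*\n(.*?)^\s*\}", body, re.S | re.M)
    return m.group(1).split() if m else []


def ocsp_auth_profiles(auth_profile_text: str) -> Set[str]:
    """Names of 'ltm auth profile' objects whose type is an OCSP type (assumed 'ssl-ocsp')."""
    found = set()
    for kind, name, body in split_objects(auth_profile_text):
        t = re.search(r"^\s*type (\S+)", body, re.M)
        if kind == "ltm auth profile" and t and "ocsp" in t.group(1):
            found.add(name)
    return found


def exposed_virtual_servers(virtual_text: str, ocsp_profiles: Set[str]) -> List[Tuple[str, List[str]]]:
    """Virtual servers referencing at least one OCSP authentication profile."""
    exposed = []
    for kind, name, body in split_objects(virtual_text):
        if kind == "ltm virtual":
            hits = sorted(set(auth_profiles_attached(body)) & ocsp_profiles)
            if hits:
                exposed.append((name, hits))
    return exposed


def triage(version: str, virtual_text: str, auth_profile_text: str) -> Dict[str, object]:
    """The CVE needs BOTH an affected build AND an OCSP auth profile on some virtual server."""
    status = version_status(version)
    exposed = exposed_virtual_servers(virtual_text, ocsp_auth_profiles(auth_profile_text))
    return {"version_status": status, "exposed": exposed,
            "at_risk": status == "affected" and bool(exposed)}


# Constructed sample captures for this example (not taken from a real device).
SAMPLE_VERSION = "16.1.3.1"
SAMPLE_AUTH_PROFILES = """\
ltm auth profile ocsp_portal_auth {
    configuration ocsp_portal_cfg
    type ssl-ocsp
}
ltm auth profile ldap_corp {
    configuration ldap_corp_cfg
    type ldap
}
"""
SAMPLE_VIRTUALS = """\
ltm virtual vs_portal_https {
    auth {
        ocsp_portal_auth
    }
    destination 10.10.1.20:443
    profiles {
        http { }
    }
}
ltm virtual vs_intranet_https {
    auth {
        ldap_corp
    }
    destination 10.10.1.21:443
}
ltm virtual vs_api_http {
    destination 10.10.1.22:80
}
"""

if __name__ == "__main__":
    print(triage(SAMPLE_VERSION, SAMPLE_VIRTUALS, SAMPLE_AUTH_PROFILES))
```

The verdict is deliberately two-sided: a build inside an affected range with no OCSP profile attached is not exposed to this CVE (but still needs the upgrade), and a virtual server carrying an OCSP profile on a fixed build is fine. A "not listed" version means the advisory says nothing about that branch, which is not the same as "safe"; check the vendor's table for branches outside the five named here.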
