On Wednesday morning, May13, we were notified of the release of CVE-2015-3456 (aka Venom). This vulnerability allows an attacker to move from a guest VM under the attacker’s control to the host that the guest is running on. More information about the vulnerability is available at http://venom.crowdstrike.com.
1 reply to this topic
Posted 13 May 2015 - 05:19 PM
Barracuda's virtual appliances are not directly affected by this issue. However, customers using our virtual appliances should evaluate their hosting platforms and patch them as recommended by the platform vendor.
We are currently investigating whether any of our services are affected by this issue.
This thread will be updated as we have additional information.