CVE-2019-5648

Public Exploit
LDAP Credential Exposure in Barracuda Load Balancer ADC

Description

Authenticated administrative access to a Barracuda Load Balancer ADC running unpatched firmware <= v6.4 allows the LDAP service configuration of the balancer to be edited so that the LDAP server is changed to an attacker-controlled system, without having to re-enter the LDAP credentials. Any authenticated administrative user can use these steps to expose the LDAP credentials configured in the LDAP connector over the network.

Remediation

Solution:

  • Administrators should ensure that their Barracuda Load Balancer ADC is on either a 6.3.x or 6.4.x version so that the patch can be applied through Barracuda's automated security patching system. Ensure that you have not intentionally disabled the security update system. Administrators should update their Barracuda Load Balancer ADC devices to the latest firmware versions as they become available. Version 6.5 will ship with the patch for CVE-2019-5648.

CVSS

Score: 6.5
Severity: Medium
EPSS: 0.51%
Third-Party Advisory: rapid7.com
Affected: Barracuda Load Balancer ADC

Frequently Asked Questions

What is the severity of CVE-2019-5648?
CVE-2019-5648 has been scored as a medium severity vulnerability.
How to fix CVE-2019-5648?
To fix CVE-2019-5648: Administrators should ensure that their Barracuda Load Balancer ADC is on either a 6.3.x or 6.4.x version so that the patch can be applied through Barracuda's automated security patching system. Ensure that you have not intentionally disabled the security update system. Administrators should update their Barracuda Load Balancer ADC devices to the latest firmware versions as they become available. Version 6.5 will ship with the patch for CVE-2019-5648.
Is CVE-2019-5648 being actively exploited in the wild?
It is possible that CVE-2019-5648 is being exploited or will be exploited in the near future based on public information. According to its EPSS score, there is a ~1% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2019-5648?
CVE-2019-5648 affects Barracuda Load Balancer ADC.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.