Users of Barracuda’s Email Gateway Defense are unable to access their accounts. The company anticipates providing a fix by July 14.
A flaw in Barracuda’s Email Gateway Defense is locking users out of their accounts. A login attempt is followed by the message ‘The link to log in is invalid’.
No access for a week
However, users who encounter this problem will have to be patient for a while, as the email security specialist plans to handle the problem by next Friday. “We are working on a solution to the problem with a tentative timeline for release of the fix on or before July 14,” Barracuda clarified in a status report.
For now, it is not clear what is causing the problem. In any case, security specialists do not appear to be getting rid of the problem immediately, as Barracuda is locking users out of their accounts for one week. Affected customers should take satisfaction with an apologies note, “We thank you for your understanding and support as we work through this issue and sincerely apologize for any inconvenience it may cause.”
Trouble finding solutions
The security company showed in the previous problem that it does not always manage to address a problem itself. The vulnerability in its Email Security Gateway (ESG) devices, finally resorted to a drastic measure: replacing affected devices. This is because the patch the company previously issued proved inadequate. Hackers could exploit the vulnerability to enable a remote command injection attack.
Also read: Mandiant: ‘China deployed Barracuda vulnerability as spy tool’