Barracuda WAF-as-a-Service Updates

Barracuda WAF-as-a-Service Updates

waas.barracudanetworks.com

Datapath Firmware 12.2 is Now "Current".

by AppSec PM Team
ANNOUNCEMENT | DATAPATH LIFECYCLE At Barracuda, your security and application performance are our top priorities. To ensure your environment is always equipped with our strongest protection, we continuously evolve our platform. Today, we
Datapath
Update

React2Shell : CVE-2025-55182 React & Next.js Remote Code Execution Vulnerabilities.

by AppSec PM Team
Last updated: 2025-12-05 CVE-2025-55182 / CVE -2025-66478 Severity: Critical | CVSS Score : 10 Product Impact Statement: Barracuda WAFaaS , as a platform is not affected by these vulnerabilities. Customer Recommendation: We
New
CVE

CVE Database 2025 !

by WAF PM Team
🚀 Your WAFaaS CVE Database updated!  Welcome to a New Era of Security Intelligence  We’re thrilled to announce a major upgrade to your WAFaaS experience! Our CVE (Common Vulnerabilities and Exposures) database now includes the latest
CVE
Update
New

Datapath Upgrade to Version 12.1

by Scott Treacy
We are pleased to announce that we will be upgrading the current datapath from version 12.0 to version 12.1 for all WAF-as-a-Service customers who have Let Barracuda manage my datapath version selected within their WAF-as-a-Service account
Announcement
Datapath

Shared IP deployments are now live

by Scott Treacy
Announcement
Datapath
We are pleased to announce that Shared IP addressing has now been deployed. All new applications will now use a Shared IP address by default. If your account is licenced with a Application Protection Premium plan or your legacy licence
Shared IP deployments are now live

Change to WAF-as-a-Service IP Addresses and Domain Routing

by Nitzan Miron
Announcement
Datapath
Starting in 30 days, we will begin migration of many existing WAF-as-a-Service applications to new IP addresses. Some of these IP addresses may be shared between multiple applications.
Change to WAF-as-a-Service IP Addresses and Domain Routing

OpenSSL Upgrade

by Scott Treacy
Announcement
Datapath
Per our Datapath policies, we are informing you that we will be upgrading the version of OpenSSL used in Barracuda WAF-as-a-Service to version 3.0 because version 1.1.1 will become End-of-Life on September 11th 2023.
OpenSSL Upgrade

Connectivity Tests

by Scott Treacy
Announcement
Improvement
Datapath
For the version 12.1 datapath, we have deployed an enhanced ability to test connectivity from the WAF-as-a-Service Datapath to the backend application server(s) that you define in the SERVERS page by clicking on a Test Connectivity
Connectivity Tests

Datapath v12.1

by Scott Treacy
We have released Datapath v12.1 into the production environment and this is currently available for manual selection for customer accounts licensed to allow this. The release notes are available here. Information on managing the datapath
Announcement
Datapath