Latest wazuh wazuh Vulnerabilities

CVE-2023-42463
wazuh-logcollector integer underflow local privilege escalation
Wazuh Wazuh<4.5.3
CVE-2022-40497
Wazuh v3.6.1 - v3.13.5, v4.0.0 - v4.2.7, and v4.3.0 - v4.3.7 were discovered to contain an authenticated remote code execution (RCE) vulnerability via the Active Response endpoint.
Wazuh Wazuh>=3.6.1<=3.13.5
Wazuh Wazuh>=4.0.0<=4.2.7
Wazuh Wazuh>=4.3.0<=4.3.7
CVE-2021-44079
In the wazuh-slack active response script in Wazuh 4.2.x before 4.2.5, untrusted user agents are passed to a curl command line, potentially resulting in remote code execution.
Wazuh Wazuh>=4.2.0<4.2.5
CVE-2021-41821
Wazuh Manager in Wazuh through 4.1.5 is affected by a remote Integer Underflow vulnerability that might lead to denial of service. A crafted message must be sent from an authenticated agent to the man...
Wazuh Wazuh<=4.1.5
CVE-2021-26814
Wazuh Wazuh>=4.0.0<=4.0.3
CVE-2018-19666
The agent in OSSEC through 3.1.0 on Windows allows local users to gain NT AUTHORITY\SYSTEM access via Directory Traversal by leveraging full access to the associated OSSEC server.
Ossec Ossec<=3.1.0
Microsoft Windows
Wazuh Wazuh>=1.0.0<=2.1.1

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203