VYPR
Unrated severityNVD Advisory· Published Apr 19, 2024· Updated Aug 2, 2024

Wazuh vulnerable to NULL Pointer Dereference in wazuh-analysisd

CVE-2023-49275

Description

Wazuh is a free and open source platform used for threat prevention, detection, and response. A NULL pointer dereference was detected during fuzzing of the analysis engine, allowing malicious clients to DoS the analysis engine. The bug occurs when analysisd receives a syscollector message with the hotfix msg_type but lacking a timestamp. It uses cJSON_GetObjectItem() to get the timestamp object item and dereferences it without checking for a NULL value. A malicious client can DoS the analysis engine. This vulnerability is fixed in 4.7.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Wazuh/Wazuhllm-fuzzy2 versions
    <4.7.1+ 1 more
    • (no CPE)range: <4.7.1
    • (no CPE)range: >= 3.2.0, < 4.7.1

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.