Unrated severityNVD Advisory· Published Apr 19, 2024· Updated Aug 2, 2024
Wazuh vulnerable to NULL Pointer Dereference in wazuh-analysisd
CVE-2023-49275
Description
Wazuh is a free and open source platform used for threat prevention, detection, and response. A NULL pointer dereference was detected during fuzzing of the analysis engine, allowing malicious clients to DoS the analysis engine. The bug occurs when analysisd receives a syscollector message with the hotfix msg_type but lacking a timestamp. It uses cJSON_GetObjectItem() to get the timestamp object item and dereferences it without checking for a NULL value. A malicious client can DoS the analysis engine. This vulnerability is fixed in 4.7.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- github.com/wazuh/wazuh/blob/e1d5231b31b68a75f3b8b33f833155b362411078/src/analysisd/decoders/syscollector.cmitrex_refsource_MISC
- github.com/wazuh/wazuh/blob/e1d5231b31b68a75f3b8b33f833155b362411078/src/analysisd/decoders/syscollector.cmitrex_refsource_MISC
- github.com/wazuh/wazuh/security/advisories/GHSA-4mq7-w9r6-9975mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.