VYPR

Wazuh

by Wazuh

Source repositories

CVEs (43)

  • CVE-2022-40497Sep 27, 2022
    risk 0.00cvss epss 0.01

    Wazuh v3.6.1 - v3.13.5, v4.0.0 - v4.2.7, and v4.3.0 - v4.3.7 were discovered to contain an authenticated remote code execution (RCE) vulnerability via the Active Response endpoint.

  • CVE-2021-44079Nov 22, 2021
    risk 0.00cvss epss 0.03

    In the wazuh-slack active response script in Wazuh 4.2.x before 4.2.5, untrusted user agents are passed to a curl command line, potentially resulting in remote code execution.

  • CVE-2021-41821Sep 29, 2021
    risk 0.00cvss epss 0.01

    Wazuh Manager in Wazuh through 4.1.5 is affected by a remote Integer Underflow vulnerability that might lead to denial of service. A crafted message must be sent from an authenticated agent to the manager.

Page 3 of 3