Wazuh
by Wazuh
Source repositories
CVEs (43)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-40497 | 0.00 | — | 0.01 | Sep 27, 2022 | Wazuh v3.6.1 - v3.13.5, v4.0.0 - v4.2.7, and v4.3.0 - v4.3.7 were discovered to contain an authenticated remote code execution (RCE) vulnerability via the Active Response endpoint. | |||
| CVE-2021-44079 | 0.00 | — | 0.03 | Nov 22, 2021 | In the wazuh-slack active response script in Wazuh 4.2.x before 4.2.5, untrusted user agents are passed to a curl command line, potentially resulting in remote code execution. | |||
| CVE-2021-41821 | 0.00 | — | 0.01 | Sep 29, 2021 | Wazuh Manager in Wazuh through 4.1.5 is affected by a remote Integer Underflow vulnerability that might lead to denial of service. A crafted message must be sent from an authenticated agent to the manager. |
- CVE-2022-40497Sep 27, 2022risk 0.00cvss —epss 0.01
Wazuh v3.6.1 - v3.13.5, v4.0.0 - v4.2.7, and v4.3.0 - v4.3.7 were discovered to contain an authenticated remote code execution (RCE) vulnerability via the Active Response endpoint.
- CVE-2021-44079Nov 22, 2021risk 0.00cvss —epss 0.03
In the wazuh-slack active response script in Wazuh 4.2.x before 4.2.5, untrusted user agents are passed to a curl command line, potentially resulting in remote code execution.
- CVE-2021-41821Sep 29, 2021risk 0.00cvss —epss 0.01
Wazuh Manager in Wazuh through 4.1.5 is affected by a remote Integer Underflow vulnerability that might lead to denial of service. A crafted message must be sent from an authenticated agent to the manager.
Page 3 of 3