Use-After-Free Vulnerability in OSSEC-HIDS Log Analysis Component
CVE-2020-8444

9.8CRITICAL

Key Information:

Vendor

Ossec

Status
Ossec
Vendor
CVE Published:
30 January 2020

What is CVE-2020-8444?

In OSSEC-HIDS versions 2.7 through 3.5.0, the log analysis server component (ossec-analysisd) contains a flaw that allows for a use-after-free condition during the handling of ossec-alert formatted messages. This vulnerability arises from the processing of messages sent by authenticated remote agents, which are routed to the analysisd by ossec-remoted. If exploited, this flaw could potentially allow an attacker to manipulate memory and execute arbitrary code within the OSSEC-HIDS environment.

References

https://github.com/ossec/ossec-hids/issues/1821
x_refsource_MISC
https://www.ossec.net/
x_refsource_MISC
https://github.com/ossec/ossec-hids/issues/1817
x_refsource_MISC

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.