Authenticated Remote Code Execution in Wazuh by Wazuh
CVE-2022-40497

8.8HIGH

Key Information:

Vendor: Wazuh
Status: Wazuh
Vendor: CVE Published:; 28 September 2022

What is CVE-2022-40497?

An authenticated remote code execution vulnerability exists in Wazuh, allowing attackers to execute arbitrary commands remotely through the Active Response endpoint. This vulnerability affects specific versions of Wazuh, emphasizing the need for users to update to the latest secure versions to protect their systems from potential exploitation. Keeping Wazuh updated will help mitigate risks associated with this security flaw.

References

https://github.com/wazuh/wazuh/pull/14801

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 28, 2022
Vulnerability Reserved
Sep 11, 2022