Wazuh vulnerable to user privilege escalation
CVE-2023-42455

8.8 HIGH

Key Information:

Vendor: Wazuh
CVE Published: 9 October 2023

What is CVE-2023-42455?

In Wazuh versions 4.4.0 and 4.4.1, a logged-in user can use the browser's development tools to retrieve the Wazuh API administrator key. With that key, the user can assume administrative privileges over the API, even if their assigned dashboard role does not permit such access. The issue is resolved in version 4.4.2, and there are no known workarounds.

Affected Version(s)

wazuh-kibana-app >= 4.4.0, < 4.4.2

CVSS V3.1

Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
