CVE-2024-47770

Aliases:GO-2025-3445GHSA-648q-8m78-5cwv
Advisory lineage Upstream: 0 Downstream: 2
Analyzed
Published: 03 Feb 2025, 21:34
Last modified:04 Feb 2025, 17:25

Vulnerability Summary

Overall Risk (default)
medium
32/100
CVSS Score
8 HIGH
v3.1 (nvd)
EPSS Score
0.14% LOW
0% probability +0.06%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

03 Feb 2025, 21:34
Published
Vulnerability first disclosed
04 Feb 2025, 17:25
Last Modified
Vulnerability information updated

Description

Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. This vulnerability occurs when the system has weak privilege access, that allows an attacker to do privilege escalation. In this case the attacker is able to view agent list on Wazuh dashboard with no privilege access. This issue has been addressed in release version 4.9.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS Metrics

  • v3.1MEDIUMScore: 4.6CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
  • v3.1HIGHScore: 8CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

EPSS Trends

Current EPSS score: 0.14% Percentile: 34%

Techniques & Countermeasures

  • CWE-269Improper Privilege Management

    The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Affected Systems

  • github.com/wazuhwazuh

    < 4.9.1+incompatible

  • wazuhwazuh

    < 4.9.1

References (2)