U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:wazuh:wazuh:1.0.2:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 3 matching records.
Displaying matches 1 through 3.
Vuln ID Summary CVSS Severity
CVE-2023-42463

Wazuh is a free and open source platform used for threat prevention, detection, and response. This bug introduced a stack overflow hazard that could allow a local privilege escalation. This vulnerability was patched in version 4.5.3.

Published: January 12, 2024; 4:15:09 PM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2021-41821

Wazuh Manager in Wazuh through 4.1.5 is affected by a remote Integer Underflow vulnerability that might lead to denial of service. A crafted message must be sent from an authenticated agent to the manager.

Published: September 29, 2021; 7:15:07 PM -0400 		V4.0:(not available)
 V3.1: 6.5 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2018-19666

The agent in OSSEC through 3.1.0 on Windows allows local users to gain NT AUTHORITY\SYSTEM access via Directory Traversal by leveraging full access to the associated OSSEC server.

Published: November 29, 2018; 3:29:00 AM -0500 		V4.0:(not available)
 V3.0: 7.8 HIGH
V2.0: 7.2 HIGH