CVE-2024-57378

High CVSS: 7.3

Wazuh SIEM version 4.8.2 is affected by a broken access control vulnerability. This issue allows the unauthorized creation of internal users without assigning any existing user role, potentially leading to privilege escalation or unauthorized access to sensitive resources.

Vendor

Product

CWE

CWE-284

Yayın Tarihi

2025-02-13 22:15:11

Güncelleme

2025-03-17 19:15:24

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-284 HIGH 2025

Referanslar

https://github.com/bappe-sarker/Vulnerability-Research/tree/main/CVE-2024-57378