CVE-2025-15612

Medium CVSS: 6.3

Wazuh provisioning scripts and Dockerfiles contain an insecure transport vulnerability where curl is invoked with the -k/--insecure flag, disabling SSL/TLS certificate validation. Attackers with network access can perform man-in-the-middle attacks to intercept and modify downloaded dependencies or code during the build process, leading to remote code execution and supply chain compromise.

Vendor

Product

CWE

CWE-295

Yayın Tarihi

2026-03-27 19:16:41

Güncelleme

2026-03-30 13:26:29

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-295 MEDIUM 2026

Referanslar

https://github.com/wazuh/wazuh/security/advisories/GHSA-wvg9-7q49-c7mg https://www.vulncheck.com/advisories/various-uses-of-curl-without-verifying-the-authenticity-of-the-ssl-certificate-leading-to-mitm-rce-in-build-infrastructure