Description

Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. This vulnerability occurs when the system has weak privilege access, that allows an attacker to do privilege escalation. In this case the attacker is able to view agent list on Wazuh dashboard with no privilege access. This issue has been addressed in release version 4.9.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

INFO

Published Date :

2025-02-03T21:34:06.742Z

Last Modified :

2025-02-04T17:25:17.568Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2024-47770 vulnerability.

Vendors Products
Wazuh
  • Wazuh
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-47770.

URL Resource
https://github.com/wazuh/wazuh/security/advisories/GHSA-648q-8m78-5cwv cve-icon cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact