Wazuh · Wazuh · CVE-2023-42455
**Name of the Vulnerable Software and Affected Versions**
Wazuh versions 4.4.0 through 4.4.1
**Description**
The issue allows a logged-in user to the dashboard to obtain the Wazuh API administrator key, potentially gaining administrator access to the API, regardless of their dashboard role.
**Recommendations**
For versions 4.4.0 and 4.4.1, update to version 4.4.2 to resolve the issue.