CVE-2020-8444

Name of the Vulnerable Software and Affected Versions OSSEC-HIDS versions 2.7 through 3.5.0

Description The server component responsible for log analysis, ossec-analysisd, is vulnerable to a use-after-free during processing of ossec-alert formatted messages received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted.

Recommendations For OSSEC-HIDS versions 2.7 through 3.5.0, consider disabling the ossec-analysisd component until a patch is available to prevent exploitation of the use-after-free vulnerability. Restrict access to the ossec-remoted component to minimize the risk of receiving malicious ossec-alert formatted messages.