PT-2021-23418 · Wazuh · Wazuh
Johannes Segitz
·
Published
2021-09-29
·
Updated
2021-10-12
·
CVE-2021-41821
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Wazuh versions through 4.1.5
Description
The issue is related to a remote Integer Underflow vulnerability that might lead to denial of service. It requires a crafted message to be sent from an authenticated agent to the manager.
Recommendations
For versions through 4.1.5, update to a version later than 4.1.5 to resolve the issue. As a temporary workaround, consider restricting access to authenticated agents to minimize the risk of exploitation.
Exploit
Fix
DoS
Integer Underflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wazuh