ГлавнаяУязвимости → CVE-2024-57378
7.3высокая

CVE-2024-57378

→ есть в БДУ: BDU:2025-01855 (на русском)
Описание (на английском; русское — в БДУ выше)

Wazuh SIEM version 4.8.2 is affected by a broken access control vulnerability. This issue allows the unauthorized creation of internal users without assigning any existing user role, potentially leading to privilege escalation or unauthorized access to sensitive resources.

CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://github.com/bappe-sarker/Vulnerability-Research/tree/main/CVE-2024-57378