Security Advisory

CVE-2023-49275

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-04-19 14:24:25
Last updated 2024-08-02 21:53:45
Assigner GitHub_M
State PUBLISHED

Description

Wazuh is a free and open source platform used for threat prevention, detection, and response. A NULL pointer dereference found while fuzzing the analysis engine allows a malicious client to cause a denial of service (DoS) of the analysis engine. The bug occurs when `analysisd` receives a syscollector message with the `hotfix` `msg_type` but without a `timestamp`: the code calls `cJSON_GetObjectItem()` to get the `timestamp` object item and dereferences the result without checking it for `NULL`. This vulnerability is fixed in 4.7.1.
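The unchecked lookup described above, next to a checked form, as an added example (this is not Wazuh's code and not the 4.7.1 patch). `struct item`, `get_item()`, `hotfix_timestamp()` and `demo()` are hypothetical names; `get_item()` stands in for `cJSON_GetObjectItem()` so the block builds without cJSON, and the sample messages are constructed and do not reproduce the real syscollector layout.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for one member of a parsed JSON object (not cJSON's type). */
struct item {
    const char *key;
    const char *valuestring;   /* NULL when the value is not a string */
    const struct item *next;
};

/* Like cJSON_GetObjectItem(): returns NULL when the key is absent. */
static const struct item *get_item(const struct item *obj, const char *key)
{
    while (obj != NULL && strcmp(obj->key, key) != 0)
        obj = obj->next;
    return obj;
}

/* Unchecked pattern from the description, kept as a comment so it never runs:
 *     const char *ts = get_item(msg, "timestamp")->valuestring;
 * With no "timestamp" member the lookup returns NULL and "->" crashes. */
/* Checked form: returns 0 on success, -1 when the message must be rejected. */
int hotfix_timestamp(const struct item *msg, char *out, size_t outlen)
{
    const struct item *ts = get_item(msg, "timestamp");
    if (ts == NULL || ts->valuestring == NULL)
        return -1;                  /* missing or non-string value */
    if (strlen(ts->valuestring) >= outlen)
        return -1;                  /* does not fit: reject rather than truncate */
    strcpy(out, ts->valuestring);
    return 0;
}

/* Constructed sample messages passed through the checked handler. */
int demo(int with_timestamp, char *out, size_t outlen)
{
    static const struct item ts = { "timestamp", "2024/01/01 00:00:00", NULL };
    static const struct item ok = { "hotfix", "KB0000000", &ts };
    static const struct item bad = { "hotfix", "KB0000000", NULL };
    return hotfix_timestamp(with_timestamp ? &ok : &bad, out, outlen);
}

int main(void)
{
    char buf[32];
    printf("with: %d, without: %d\n", demo(1, buf, sizeof buf), demo(0, buf, sizeof buf));
    return 0;
}
```

The second condition in the first check matters with cJSON as well: an item that exists but is not a string has a `NULL` `valuestring`, so testing only for a missing key still leaves a NULL dereference.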