Authenticated Remote Code Execution (RCE) Vulnerability in Wazuh Active Response Endpoint

Authenticated Remote Code Execution (RCE) Vulnerability in Wazuh Active Response Endpoint

CVE-2022-40497 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Wazuh v3.6.1 - v3.13.5, v4.0.0 - v4.2.7, and v4.3.0 - v4.3.7 were discovered to contain an authenticated remote code execution (RCE) vulnerability via the Active Response endpoint.

Learn more about our Web Application Penetration Testing UK.