CVE-2024-57378 Information

Description

Wazuh SIEM version 4.8.2 is affected by a broken access control vulnerability. This issue allows the unauthorized creation of internal users without assigning any existing user role potentially leading to privilege escalation or unauthorized access to sensitive resources.

Reference

https://github.com/bappe-sarker/Vulnerability-Research/tree/main/CVE-2024-57378