CVE-2025-64483
BaseFortify
Publication date: 2025-11-21
Last updated on: 2026-02-06
Assigner: GitHub, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wazuh | wazuh | 4.9.0 |
| wazuh | wazuh | 4.13.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in Wazuh versions 4.9.0 to before 4.13.0 allows authenticated users with read-only API roles to retrieve agent enrollment credentials via the /utils/configuration endpoint. These credentials can then be used to register new agents within the same Wazuh tenant without needing elevated permissions through the user interface. The issue was fixed in version 4.13.0.
How can this vulnerability impact me?
The vulnerability can allow users with only read-only API access to obtain agent enrollment credentials, enabling them to register new agents in the Wazuh tenant without proper authorization. This could lead to unauthorized agents being added, potentially compromising the security and integrity of the monitored environment.
What immediate steps should I take to mitigate this vulnerability?
Upgrade Wazuh to version 4.13.0 or later, as this version contains the patch that fixes the vulnerability allowing read-only API users to retrieve agent enrollment credentials.