Cyber Posture

CVE-2024-57378

High

Published: 13 February 2025

Modified: 15 April 2026
KEV Added
Patch
CVSS Score: 7.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
EPSS Score: 0.0012 (30.5th percentile)
Risk Priority: 15 (60% EPSS · 20% KEV · 20% CVSS)

Description

Wazuh SIEM version 4.8.2 is affected by a broken access control vulnerability. This issue allows the unauthorized creation of internal users without assigning any existing user role, potentially leading to privilege escalation or unauthorized access to sensitive resources.

Security Summary

CVE-2024-57378 is a broken access control vulnerability affecting Wazuh SIEM version 4.8.2. The flaw allows unauthorized creation of internal users without assigning any existing user role, potentially enabling privilege escalation or unauthorized access to sensitive resources. It carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) and maps to CWE-284.

Per the CVSS vector, the vulnerability is reachable over the network with low attack complexity and requires no privileges and no user interaction. Successful exploitation lets an unauthenticated adversary create internal users without roles, which can result in privilege escalation or access to sensitive resources in the Wazuh SIEM deployment.

Mitigation details and further technical analysis are available in the referenced vulnerability research repository at https://github.com/bappe-sarker/Vulnerability-Research/tree/main/CVE-2024-57378.

Details

CWE(s)
CWE-284

References