CVE-2025-15612
MEDIUM
6,3
Source: [email protected]
Attack Vector: network
Attack Complexity: high
Privileges Required: none
User Interaction: none
Confidentiality: N/A
Integrity: N/A
Availability: N/A
MEDIUM
4,8
Source: [email protected]
Attack Vector: network
Attack Complexity: high
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: low
Integrity: low
Availability: none
Description
AI Translation Available
Wazuh provisioning scripts and Dockerfiles contain an insecure transport vulnerability where curl is invoked with the -k/--insecure flag, disabling SSL/TLS certificate validation. Attackers with network access can perform man-in-the-middle attacks to intercept and modify downloaded dependencies or code during the build process, leading to remote code execution and supply chain compromise.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0004
Percentile
0,1th
Updated
EPSS Score Trend (Last 2 Days)
295
Improper Certificate Validation
DraftCommon Consequences
Security Scopes Affected:
Integrity
Authentication
Potential Impacts:
Bypass Protection Mechanism
Gain Privileges Or Assume Identity
Applicable Platforms
Technologies:
Mobile, Not Technology-Specific, Web Based
829
Inclusion of Functionality from Untrusted Control Sphere
IncompleteCommon Consequences
Security Scopes Affected:
Confidentiality
Integrity
Availability
Potential Impacts:
Execute Unauthorized Code Or Commands
Applicable Platforms
All platforms may be affected
https://github.com/wazuh/wazuh/security/advisories/GHSA-wvg9-7q49-c7mg
https://www.vulncheck.com/advisories/various-uses-of-curl-without-verifying-the…