Wazuh Manager authd service Improper SSL/TLS Renegotiation Handling leading to Denial of Service

Description

Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lack of renegotiation limits to consume CPU resources and render the authd service unavailable.

Affected Products

Vendor	Product	Versions
wazuh	wazuh-manager	<= 4.7.3, <= 4.7.3

References

https://github.com/wazuh/wazuh/security/advisories/GHSA-rr83-v9v7-jjhp(vendor-advisory)
https://www.vulncheck.com/advisories/ssl-tls-renegotiation-dos-in-wazuh-manager-authd-service(third-party-advisory)

Related News (1 articles)

Tier C

VulDB5h ago

CVE-2025-15615 | Wazuh up to 4.7.3/4.7.x authd default permission (GHSA-rr83-v9v7-jjhp)

→ No new info (linked only)

CVSS 3.15.8 CRITICAL

CISA KEV❌ No

Actively exploited✅ Yes

CWECWE-276

Published3/27/2026

Last enriched5h agov2

Trending Score66

Source articles1

Independent1

Info Completeness8/14

Missing: epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Version History

Last enriched 5h ago

v2Tier C5h ago

Updated severity to CRITICAL and marked the vulnerability as actively exploited.

severityactivelyExploited

via VulDB

v110h ago

Initial creation