CVE-2025-15612

MEDIUM

4.8

Beschreibung

Wazuh provisioning scripts and Dockerfiles contain an insecure transport vulnerability where curl is invoked with the -k/--insecure flag, disabling SSL/TLS certificate validation. Attackers with network access can perform man-in-the-middle attacks to intercept and modify downloaded dependencies or code during the build process, leading to remote code execution and supply chain compromise.

CVE Details

CVSS v3.1 Bewertung4.8

SchweregradMEDIUM

CVSS VektorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

AngriffsvektorNETWORK

KomplexitatHIGH

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht3/27/2026

Zuletzt geandert3/30/2026

Quellenvd

Honeypot-Sichtungen0

Schwachen (CWE)

CWE-295CWE-829

Referenzen

https://github.com/wazuh/wazuh/security/advisories/GHSA-wvg9-7q49-c7mg(disclosure@vulncheck.com)

https://www.vulncheck.com/advisories/various-uses-of-curl-without-verifying-the-authenticity-of-the-ssl-certificate-leading-to-mitm-rce-in-build-infrastructure(disclosure@vulncheck.com)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.