Vulnerability Details CVE-2025-15615
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lack of renegotiation limits to consume CPU resources and render the authd service unavailable.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 28.6%
CVSS Severity
CVSS v3 Score 5.8
References
Products affected by CVE-2025-15615
-
cpe:2.3:a:wazuh:wazuh:-
-
cpe:2.3:a:wazuh:wazuh:1.0
-
cpe:2.3:a:wazuh:wazuh:1.0.0
-
cpe:2.3:a:wazuh:wazuh:1.0.1
-
cpe:2.3:a:wazuh:wazuh:1.0.2
-
cpe:2.3:a:wazuh:wazuh:1.0.3
-
cpe:2.3:a:wazuh:wazuh:1.0.4
-
cpe:2.3:a:wazuh:wazuh:1.1
-
cpe:2.3:a:wazuh:wazuh:1.1.0
-
cpe:2.3:a:wazuh:wazuh:1.1.1
-
cpe:2.3:a:wazuh:wazuh:2.0
-
cpe:2.3:a:wazuh:wazuh:2.0.0
-
cpe:2.3:a:wazuh:wazuh:2.0.1
-
cpe:2.3:a:wazuh:wazuh:2.1.0
-
cpe:2.3:a:wazuh:wazuh:2.1.1
-
cpe:2.3:a:wazuh:wazuh:3.0.0
-
cpe:2.3:a:wazuh:wazuh:3.1.0
-
cpe:2.3:a:wazuh:wazuh:3.10.0
-
cpe:2.3:a:wazuh:wazuh:3.10.1
-
cpe:2.3:a:wazuh:wazuh:3.10.2
-
cpe:2.3:a:wazuh:wazuh:3.11.0
-
cpe:2.3:a:wazuh:wazuh:3.11.1
-
cpe:2.3:a:wazuh:wazuh:3.11.2
-
cpe:2.3:a:wazuh:wazuh:3.11.3
-
cpe:2.3:a:wazuh:wazuh:3.11.4
-
cpe:2.3:a:wazuh:wazuh:3.11.5
-
cpe:2.3:a:wazuh:wazuh:3.12.0
-
cpe:2.3:a:wazuh:wazuh:3.12.1
-
cpe:2.3:a:wazuh:wazuh:3.12.2
-
cpe:2.3:a:wazuh:wazuh:3.12.3
-
cpe:2.3:a:wazuh:wazuh:3.13.0
-
cpe:2.3:a:wazuh:wazuh:3.13.1
-
cpe:2.3:a:wazuh:wazuh:3.13.2
-
cpe:2.3:a:wazuh:wazuh:3.13.3
-
cpe:2.3:a:wazuh:wazuh:3.2.0
-
cpe:2.3:a:wazuh:wazuh:3.2.1
-
cpe:2.3:a:wazuh:wazuh:3.2.2
-
cpe:2.3:a:wazuh:wazuh:3.2.3
-
cpe:2.3:a:wazuh:wazuh:3.2.4
-
cpe:2.3:a:wazuh:wazuh:3.3.0
-
cpe:2.3:a:wazuh:wazuh:3.3.1
-
cpe:2.3:a:wazuh:wazuh:3.4.0
-
cpe:2.3:a:wazuh:wazuh:3.5.0
-
cpe:2.3:a:wazuh:wazuh:3.6.0
-
cpe:2.3:a:wazuh:wazuh:3.6.1
-
cpe:2.3:a:wazuh:wazuh:3.7.0
-
cpe:2.3:a:wazuh:wazuh:3.7.1
-
cpe:2.3:a:wazuh:wazuh:3.7.2
-
cpe:2.3:a:wazuh:wazuh:3.8.0
-
cpe:2.3:a:wazuh:wazuh:3.8.1
-
cpe:2.3:a:wazuh:wazuh:3.8.2
-
cpe:2.3:a:wazuh:wazuh:3.9.0
-
cpe:2.3:a:wazuh:wazuh:3.9.1
-
cpe:2.3:a:wazuh:wazuh:3.9.2
-
cpe:2.3:a:wazuh:wazuh:3.9.3
-
cpe:2.3:a:wazuh:wazuh:3.9.4
-
cpe:2.3:a:wazuh:wazuh:3.9.5
-
cpe:2.3:a:wazuh:wazuh:4.0.0
-
cpe:2.3:a:wazuh:wazuh:4.0.1
-
cpe:2.3:a:wazuh:wazuh:4.0.2
-
cpe:2.3:a:wazuh:wazuh:4.0.3
-
cpe:2.3:a:wazuh:wazuh:4.0.4
-
cpe:2.3:a:wazuh:wazuh:4.1.0
-
cpe:2.3:a:wazuh:wazuh:4.1.1
-
cpe:2.3:a:wazuh:wazuh:4.1.2
-
cpe:2.3:a:wazuh:wazuh:4.1.3
-
cpe:2.3:a:wazuh:wazuh:4.1.4
-
cpe:2.3:a:wazuh:wazuh:4.1.5
-
cpe:2.3:a:wazuh:wazuh:4.2.0
-
cpe:2.3:a:wazuh:wazuh:4.2.1
-
cpe:2.3:a:wazuh:wazuh:4.2.2
-
cpe:2.3:a:wazuh:wazuh:4.2.3
-
cpe:2.3:a:wazuh:wazuh:4.2.4
-
cpe:2.3:a:wazuh:wazuh:4.2.5
-
cpe:2.3:a:wazuh:wazuh:4.2.6
-
cpe:2.3:a:wazuh:wazuh:4.2.7
-
cpe:2.3:a:wazuh:wazuh:4.3.0
-
cpe:2.3:a:wazuh:wazuh:4.3.1
-
cpe:2.3:a:wazuh:wazuh:4.3.10
-
cpe:2.3:a:wazuh:wazuh:4.3.11
-
cpe:2.3:a:wazuh:wazuh:4.3.2
-
cpe:2.3:a:wazuh:wazuh:4.3.3
-
cpe:2.3:a:wazuh:wazuh:4.3.4
-
cpe:2.3:a:wazuh:wazuh:4.3.5
-
cpe:2.3:a:wazuh:wazuh:4.3.6
-
cpe:2.3:a:wazuh:wazuh:4.3.7
-
cpe:2.3:a:wazuh:wazuh:4.3.8
-
cpe:2.3:a:wazuh:wazuh:4.3.9
-
cpe:2.3:a:wazuh:wazuh:4.4.0
-
cpe:2.3:a:wazuh:wazuh:4.4.1
-
cpe:2.3:a:wazuh:wazuh:4.4.2
-
cpe:2.3:a:wazuh:wazuh:4.4.3
-
cpe:2.3:a:wazuh:wazuh:4.4.4
-
cpe:2.3:a:wazuh:wazuh:4.4.5
-
cpe:2.3:a:wazuh:wazuh:4.5.0
-
cpe:2.3:a:wazuh:wazuh:4.5.1
-
cpe:2.3:a:wazuh:wazuh:4.5.2
-
cpe:2.3:a:wazuh:wazuh:4.5.3
-
cpe:2.3:a:wazuh:wazuh:4.5.4
-
cpe:2.3:a:wazuh:wazuh:4.6.0
-
cpe:2.3:a:wazuh:wazuh:4.7.0
-
cpe:2.3:a:wazuh:wazuh:4.7.1
-
cpe:2.3:a:wazuh:wazuh:4.7.2
-
cpe:2.3:a:wazuh:wazuh:4.7.3
-
cpe:2.3:a:wazuh:wazuh:4.7.4
-
cpe:2.3:a:wazuh:wazuh:4.7.5