Description
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lack of renegotiation limits to consume CPU resources and render the authd service unavailable.
Published: 2026-03-27
Score: 6.9 Medium
EPSS: n/a
KEV: No
Impact: Denial of Service via SSL/TLS Renegotiation
Action: Apply Patch
AI Analysis

Impact

The Wazuh Manager authd service accepts SSL/TLS renegotiation requests from clients without imposing limits. An attacker can repeatedly initiate renegotiation, causing the server to consume significant CPU resources and eventually become unresponsive, leading to a denial of service. This weakness allows a remote adversary to disrupt authentication services and potentially impact the overall availability of the Wazuh monitoring stack.

Affected Systems

The vulnerability affects the Wazuh Manager (wazuh-manager) product for all versions up to and including 4.7.3. Systems running these versions are susceptible to the DoS condition unless they are upgraded.

Risk and Exploitability

The CVSS score of 6.9 indicates a moderate risk. Although EPSS data is not available and the issue is not listed in the CISA KEV catalog, the remote nature of the attack and the lack of mitigations make exploitation plausible. Vulnerable deployments should be considered at high risk until patched or mitigated.

Generated by OpenCVE AI on March 27, 2026 at 17:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Wazuh Manager to a version newer than 4.7.3.
  • If upgrading is not immediately possible, reconfigure the authd service to disable or limit SSL/TLS renegotiation requests.
  • Monitor authentication service CPU usage for abnormal spikes and ensure high availability measures are in place.

Generated by OpenCVE AI on March 27, 2026 at 17:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 27 Mar 2026 16:00:00 +0000

Type Values Removed Values Added
Description Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lack of renegotiation limits to consume CPU resources and render the authd service unavailable.
Title SSL/TLS Renegotiation DoS in Wazuh Manager authd service
Weaknesses CWE-276
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-27T15:44:30.671Z

Reserved: 2026-03-17T11:31:56.956Z

Link: CVE-2026-32983

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-03-27T16:16:24.297

Modified: 2026-03-27T16:16:24.297

Link: CVE-2026-32983

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-27T20:28:15Z

Weaknesses